Backup – Tech-Coffee //www.tech-coffee.net Thu, 04 Apr 2019 09:36:33 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.11 65682309 Archive Rubrik backup in Microsoft Azure //www.tech-coffee.net/archive-rubrik-backup-in-microsoft-azure/ //www.tech-coffee.net/archive-rubrik-backup-in-microsoft-azure/#respond Thu, 04 Apr 2019 09:15:28 +0000 //www.tech-coffee.net/?p=6866 The last time I talked about Rubrik, I presented the first steps to protect vSphere VM and store backup within the appliance. Today, I would like to present how to archive Rubrik backup in Microsoft Azure. Rubrik provides a turnkey interface. It’s the same thing for archival. All you need is a blob storage account ...

The post Archive Rubrik backup in Microsoft Azure appeared first on Tech-Coffee.

]]>
The last time I talked about Rubrik, I presented the first steps to protect vSphere VM and store backup within the appliance. Today, I would like to present how to archive Rubrik backup in Microsoft Azure.

Rubrik provides a turnkey interface. It’s the same thing for archival. All you need is a blob storage account in Microsoft Azure. Then you can configure Rubrik to talk with this storage account and store retention. We’ll see in this topic how to do these steps.

Prepare Microsoft Azure resources

First, you need to create a blob storage account in Microsoft Azure. From the marketplace, select storage account and create a Storage v2 account. I recommend you to choose a Cool access tier.

A screenshot of a social media post

Description automatically generated

Once the storage account is created, navigate to the blob storage and create a container. I called mine rubrik.

A screenshot of a cell phone

Description automatically generated

Configure the Rubrik Appliance

First of all, you need openssl toolkit. A private key is required and openssl is used to generate one. Run the following command to create the private key:

Openssl genrsa -out rubrik_encryption_key.pem 2048.

Then open the Rubrik dashboard and click on the wheel located at the top right corner. Then select Archival Locations.

A screenshot of a cell phone

Description automatically generated

Select Azure Archival Type and specify the storage account name. Then copy the primary key of the storage account and specify the Container name. Finally copy past the RSA key you have just generated from openssl.

A screenshot of a cell phone

Description automatically generated

If Rubrik is connected successfully to the storage account, you should see a new archival location like the following screenshot:

A screenshot of a social media post

Description automatically generated

Archive Rubrik backup in Microsoft Azure

The archiving configuration is set in SLA domain. Click on the SLA domain you want to configure.

A screenshot of a cell phone

Description automatically generated

At this moment, the Archival Policy is not configured. So, edit properties of this SLA domain.

A screenshot of a cell phone

Description automatically generated

In the edit SLA domain window, click on Remote Settings (lower right corner).

A screenshot of a cell phone

Description automatically generated

Now that archival location is added, you can change the retention on Rubrik. Just by changing the cursor from the right to the left, you change the retention on Brik and in Microsoft Azure. By enabling Instant Archive, all snapshots are transferred to Azure as an archive.

A screenshot of a cell phone

Description automatically generated

Now that Archival Policy is set, you get information in the SLA Domain Policy window.

A screenshot of a cell phone

Description automatically generated

After some time, you should get some data in your archival location.

A screenshot of a cell phone

Description automatically generated

Now when you look at snapshot, a Cloud logo is added on top of the Brik: that means that the snapshot is stored on Brik and in Microsoft Azure. If the snapshot is archived only, just the cloud logo appears and you can restore data from this view like data stored on Brik.

A screenshot of a cell phone

Description automatically generated

If you look at the storage account in Microsoft Azure, now you should get additional data.

A screenshot of a cell phone

Description automatically generated

The post Archive Rubrik backup in Microsoft Azure appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/archive-rubrik-backup-in-microsoft-azure/feed/ 0 6866
Getting started with Rubrik to backup VMware VMs //www.tech-coffee.net/getting-started-with-rubrik-to-backup-vmware-vms/ //www.tech-coffee.net/getting-started-with-rubrik-to-backup-vmware-vms/#comments Mon, 18 Mar 2019 13:17:36 +0000 //www.tech-coffee.net/?p=6771 Rubrik is a new competitor on the backup market. Instead of providing only software as most of the other products such as Veeam or Commvault, Rubrik provides also the hardware and so that is a backup appliance software. That is a turnkey solution where you don’t need to handle the underlying hardware and software. All ...

The post Getting started with Rubrik to backup VMware VMs appeared first on Tech-Coffee.

]]>
Rubrik is a new competitor on the backup market. Instead of providing only software as most of the other products such as Veeam or Commvault, Rubrik provides also the hardware and so that is a backup appliance software. That is a turnkey solution where you don’t need to handle the underlying hardware and software. All you have to do is to rack the appliance in datacenter and use the service. Rubrik provides a modern HTML5 interface and the product has been designed for ease of management. In this topic, I will introduce Rubrik to backup VMware VMs.

Add vCenter Server

First of all, a vCenter must be added in order to protect VMs. Click on the wheel located at the top right corner and select vCenter Servers.

In the next view, click on the “+” .

In the pop-up, specify the vCenter name or ip address. Then provide credentials with administrator privilege.

When the vCenter is added, the data are fetched and Rubrik make an inventory of VMs, hosts and folders.

Once the inventory is finished, you can navigate to vSphere VMs to list them.

And what about physical servers and Hyper-V

Rubrik is able to backup Hyper-V VMs, Nutanix AHV or physical servers. For Hyper-V VMs, you can add a SCVMM instance or Hyper-V hosts. Unfortunately, in the lab kindly provided by Rubrik, no Hyper-V host are available. If I have enough time, I’ll try to create a guest Hyper-V cluster.

When you want to backup physical servers, you have to install Rubrik Backup Servers on the servers either Windows or Linux.

You can protect all these kinds of physical machines.

Protect virtual machines

In Rubrik world, the VM protection is set via SLA Domains. An SLA is a set of parameters where you defined the retention policy, and the backup frequency. A restore point is called a snapshot. To create an SLA domain, navigate to Local Domains and click on “+” button.

First, specify an SLA Domain Name. Then specify when you want to take snapshot and the retention. Snapshots can be based on hours, days, months and years and retention can be set for each of time base. In snapshot window section you can configure the backup window and when you do the first full backup. Rubrik make a full backup the first time. Then each snapshot is an incremental. There’s no synthetic backup. In a next topic, we will see the advanced configuration, especially to configure Cloud archiving.

Once you create your SLA Domain, you can apply it to a VM. Navigate in vSphere VMs (for VMware) and select VMs you want to protect. You can also protect a folder or a cluster / node. Then select Manage Protection.

Then select the SLA Domain to apply protection.

Once the SLA domain is applied to the VM, you should see its name in the SLA Domain column.

Manage the protection

By clicking on the SLA Domain, you can review settings and usage. In the Storage part, you can see the capacity used on the brik. In vSphere VMs, all VM protected by this SLA domain are listed.

If you click on a VM, you can get an overview of snapshots taken and how is protected the VM. The schedule on the right shows restore point. By clicking on a restore point you can restore your data. We will see the restore process in a further topic.

In the same place, you can review activities to troubleshoot backup issues.

By selecting an activity, you can review its details and download logs.

Rubrik Dashboard

The rubrik GUI has many dashboards. This one provides information about hardware, storage consumption and throughput.

The following dashboard provides information about SLA domain, tasks and protection. You can also get information about local snapshot storage and the archive repository.

The post Getting started with Rubrik to backup VMware VMs appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/getting-started-with-rubrik-to-backup-vmware-vms/feed/ 2 6771
Archive backups with Veeam and StarWind Virtual Tape Library //www.tech-coffee.net/archive-backups-with-veeam-and-starwind-virtual-tape-library/ //www.tech-coffee.net/archive-backups-with-veeam-and-starwind-virtual-tape-library/#respond Fri, 20 Apr 2018 08:35:18 +0000 //www.tech-coffee.net/?p=6281 In this previous topic, I shown you how to configure StarWind Virtual Tape Library (VTL for friends). In this topic I connected StarWind VTL to my Veeam Backup & Replication server through iSCSI. Now I’d like add the libraries to Veeam to run tape jobs in order to archive backup. In this topic, I’ll show ...

The post Archive backups with Veeam and StarWind Virtual Tape Library appeared first on Tech-Coffee.

]]>
In this previous topic, I shown you how to configure StarWind Virtual Tape Library (VTL for friends). In this topic I connected StarWind VTL to my Veeam Backup & Replication server through iSCSI. Now I’d like add the libraries to Veeam to run tape jobs in order to archive backup. In this topic, I’ll show you how to add a tape server and how to manage the media from Veeam.

Add tape server to Veeam

First of all, open the Veeam Backup & Replication console and navigate to Tape Infrastructure. Then click on Add Tape Server.

StarWind VTL is connected to my Veeam server (VMBCK01) through iSCSI. So I choose the server VMBCK01.

Then you can specify some network traffic rules to control the encryption and throttling of the network traffic.

Next click on apply to install Veeam components for tape server.

To finish, leave checked the option Start tape libraries inventory when I click finish. This enable to run immediately the inventory and discover the tape libraries connected to the server. Otherwise you’ll not see any libraries until you run an inventory.

After the inventory, you should see the libraries. StarWind VTL is emulated by HP MSL G3 drivers. This is why you see this kind of libraries. You can see also all the media available in this libraries. Obviously, because StarWind VTL is based on hard drive, in production you must install enough storage to handle the archival you want.

Media Pool

In Veeam, a Media Pool is a set of media which shares the same retention. So, the second step in order to run archival job is to create a Media Pool. There is also the GFS Media Pool (Grand Father, Father, Son) which enables in a single Media Pool to manage weekly, monthly, quarter and yearly archival. It’s up to you. In this example I choose Media Pool.

I decide to call the Media Pool Yearly.

Then I choose some Media to add into this Media Pool. I suggest you to leave checked the option Add tapes from Free Media … In this way, if there is no enough media in this pool, automatically Veeam will takes a new media from the free media pool to move into your media pool.

Then specify a Media Set name. Each time Veeam will create a tape backup, a media set name will be associated with the format you choose.

Then choose a many time you want to protect data stored on the tape. I choose to protect yearly backup for 10 years.

Next you can choose if you want to encrypt data and if you want to enable parallel processing.

To create the Media Pool, click on finish.

For this exmaple, I have created three media pools (Weekly, Monthly and Yearly). Now my tape infrastructure is ready to use.

Now you can create a tape job. Navigate to Home and select Tape Job. You can choose between two kind of jobs:

  • Files: you backup Veeam files by choosing a folders
  • Backups: You backup a backup job without specifying folders. This is my preferred method because you can run the tape job after a backup job.

Conclusion

StarWind Virtual Tape Library and Veeam enables to archive backup from a full software stack. You don’t need to manage every day the physical media. StarWind Virtual Tape Library is cheaper than a hardware tape library. This product is valuable for companies which have no vault and no physical tape management.

The post Archive backups with Veeam and StarWind Virtual Tape Library appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/archive-backups-with-veeam-and-starwind-virtual-tape-library/feed/ 0 6281
Connect StarWind Virtual Tape Library to a Windows Server 2016 //www.tech-coffee.net/connect-starwind-virtual-tape-library-to-a-windows-server-2016/ //www.tech-coffee.net/connect-starwind-virtual-tape-library-to-a-windows-server-2016/#comments Tue, 20 Mar 2018 10:54:54 +0000 //www.tech-coffee.net/?p=6234 StarWind Virtual Tape Library (VTL) is a feature included in StarWind Virtual SAN. StarWind VTL provides a virtual LTO library to store your backup archival. StarWind VTL eliminates the heavy process of tape management and also a costly LTO library. StarWind VTL provides virtual tape to store your backup archival. The connection between StarWind Virtual ...

The post Connect StarWind Virtual Tape Library to a Windows Server 2016 appeared first on Tech-Coffee.

]]>
StarWind Virtual Tape Library (VTL) is a feature included in StarWind Virtual SAN. StarWind VTL provides a virtual LTO library to store your backup archival. StarWind VTL eliminates the heavy process of tape management and also a costly LTO library. StarWind VTL provides virtual tape to store your backup archival. The connection between StarWind Virtual Tape Library and a server is made by using iSCSI. StarWind VTL emulates virtual tape by Hewlett Packard VTL. In this topic we’ll see how to connect StarWind Virtual Tape Library to a Windows Server 2016. In a next topic, I’ll use the StarWind VTL to archive backup with Veeam Backup & Replication U3.

Requirements

To install StarWind VTL, you need a server with at least the following hardware:

  • 2x (v)CPU
  • 4GB of RAM
  • 2x Network Adapters (one for management and the other for iSCSI)
  • 1x hard drive for OS
  • 1x hard drive for virtual tape

From my side, I have deployed a virtual machine to host StarWind VTL

StarWind Virtual Tape Library installation

To deploy StarWind VTL, firstly you need to download StarWind Virtual SAN from this link. Then run the installation and when you have to choose the components, specify settings as the following:

Once the product is installed, run the StarWind management console.

StarWind Virtual Tape Library configuration

Firstly, I change the management interface to bind only to the management IP address. In this way, we can’t manage the product from iSCSI network adapter. To change the management interface, navigate to Configuration | Management Interface.

Next in General pane, click on Add VTL Device.

Then, specify a name for your Virtual Tape Library ad a location.

Then leave the default option and click on Next.

On the next screen, you are asked to create the iSCSI target. Choose to Create new target. Then specify a target alias.

If the creation is successful, you should get the following information:

Now in StarWind Management Console, you have a VTL device.

If you wish, you can add another virtual tape library to your iSCSI target.

Connect Windows Server to StarWind VTL

On the Windows Server, open iSCSI initiator properties. You are asked to start the MS iSCSI service automatically. Choose yes. Then in target, enter the IP address of the StarWInd VTL iSCSI IP address. Then connect to the target.

Once connected, you can open the Device Manager. As you can see in the below screenshot, you

Conclusion

If you don’t want to invest in a Tape Library you can use StarWind Virtual Tape Library to archive your data. In a real world, usually you use a physical machine with a lot of SATA devices. Instead of using Tape, you use SATA devices. In addition to be a cheaper solution, you don’t need to implement a process for tape rotation. However, the StarWind VTL should be in another datacenter in case of datacenter disaster.

The post Connect StarWind Virtual Tape Library to a Windows Server 2016 appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/connect-starwind-virtual-tape-library-to-a-windows-server-2016/feed/ 1 6234
Step-by-Step: Update Veeam Backup & Replication 9.5 to Update 3 //www.tech-coffee.net/step-by-step-update-veeam-backup-replication-9-5-to-update-3/ //www.tech-coffee.net/step-by-step-update-veeam-backup-replication-9-5-to-update-3/#respond Tue, 19 Dec 2017 09:46:59 +0000 //www.tech-coffee.net/?p=6043 Today Veeam has released for everyone the Update 3 of Veeam Backup & Replication 9.5 In this (small) topic, I share with you how I update Veeam Backup & Replication 9.5 to update 3. This is a step-by-step guide. Requirements To follow this guide, you need an up and running Veeam Backup & Replication 9.5 ...

The post Step-by-Step: Update Veeam Backup & Replication 9.5 to Update 3 appeared first on Tech-Coffee.

]]>
Today Veeam has released for everyone the Update 3 of Veeam Backup & Replication 9.5 In this (small) topic, I share with you how I update Veeam Backup & Replication 9.5 to update 3. This is a step-by-step guide.

Requirements

To follow this guide, you need an up and running Veeam Backup & Replication 9.5 infrastructure. To write this guide, I updated from a Veeam Backup & Replication 9.5 Update 2 solution which consists of a single server. Another server hosts a Veeam console. To update Veeam to update 3, you need to download it from the Veeam portal:

Update Veeam Backup & Replication

Before updating Veeam Backup & Replication, you have to disable all backup jobs. Open the Veeam console and navigate to the backup jobs. Select them all and right click. Then select Disable.

Ensure that all jobs are disabled before closing the Veeam console.

Next copy the update to your backup server and run it.

On the first screen, just click on Next.

Enable the checkbox Update remote components automatically to update all components during this wizard. Click on Install to deploy the Update 3.

During the update process, Veeam backup all previous installation files. When the progress bar is finished, Veeam is updated. The update process took me almost 25mn.

When the update process is finished, you should get this screen.

Open the Veeam console from the backup server, navigate to jobs, select them all and right click. Select Disable to enable all jobs.

In the below screenshot, you can see one of the new Veeam features: the central management of Veeam Agent for Windows / Linux instance. You can now centralize the backup of physical servers for example. I’ll do a topic about that later.

Update Veeam Backup & Replication console

If like in my environment you have a server dedicated to remote management, you have to update the Veeam console installed on it. The process is easy, open the Veeam console and connect to the Veeam Backup & Replication server.

The following message is raised: click on Yes to update the Veeam Console. After several minutes, you are connected to Veeam Backup & Replication Update 3.

The post Step-by-Step: Update Veeam Backup & Replication 9.5 to Update 3 appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/step-by-step-update-veeam-backup-replication-9-5-to-update-3/feed/ 0 6043
Backup and Restore Veeam Backup & Replication 9.5 configuration //www.tech-coffee.net/backup-and-restore-veeam-backup-replication-9-5-configuration/ //www.tech-coffee.net/backup-and-restore-veeam-backup-replication-9-5-configuration/#respond Tue, 10 Oct 2017 08:40:14 +0000 //www.tech-coffee.net/?p=5834 When you deploy a backup solution such as Veeam Backup & Replication 9.5, this tool becomes your body guard. In case of general failure, the backup tool must run to restore your servers and data. In some case, Veeam Backup & Replication 9.5 can fail with the production and actually the first machine to restore ...

The post Backup and Restore Veeam Backup & Replication 9.5 configuration appeared first on Tech-Coffee.

]]>
When you deploy a backup solution such as Veeam Backup & Replication 9.5, this tool becomes your body guard. In case of general failure, the backup tool must run to restore your servers and data. In some case, Veeam Backup & Replication 9.5 can fail with the production and actually the first machine to restore is Veeam. It provides a mechanism to backup and restore Veeam Backup & Replication configuration. The backup configuration works like other backup: with restore points. You just have to schedule the backup configuration and make copy outside the datacenter of this backup.

This backup and restore mechanism can also be used in case of migration. If you have an old Veeam server and you want to migrate to a newer without making again the entire configuration, you can backup and restore the configuration for migration.

Schedule the backup of Veeam Backup & Replication configuration

To manage the configuration backup, open a Veeam Backup & Replication console, click on “hamburger” menu (top left) and select Configuration Backup.

Then you can enable the configuration backup on a backup repository. Scale-Out Repository are not supported for configuration backup. You can choose the number of restore points to keep and you can schedule the backup. To keep credentials you use in Veeam, you have to enable Encrypt configuration backup option.

Specify a password that you’ll never lose, and click on OK.

Restore Veeam Backup and Replication configuration

To restore the Veeam Backup & Replication configuration, open a session on the Veeam server and open Configuration Restore as below:

The wizard asks you if you want to restore or if it is in case of Migration. For this exemple I choose Restore.

Open the backup repository and select the restore point you want.

In the next screen, you get a backup content summary. If you are agree, click on Next.

If you have encrypted your backup, specify the encryption password.

Then specify the target database. If the database already exists, it will be deleted and created again.

Choose what configuration data you want to restore.

If Veeam services are running, the wizard will stop them for you.

Once the restore is running, you should have something as below:

After the restore, the wizard asks you to verify credentials.

When the restore is finished, you get the following screen.

The last step regards the backup job: after a restore they are all disabled. You have to enable them and it is finished 🙂

The post Backup and Restore Veeam Backup & Replication 9.5 configuration appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/backup-and-restore-veeam-backup-replication-9-5-configuration/feed/ 0 5834
Enable Direct Storage Access in Veeam Backup & Replication //www.tech-coffee.net/enable-direct-storage-access-in-veeam-backup-replication/ //www.tech-coffee.net/enable-direct-storage-access-in-veeam-backup-replication/#comments Mon, 31 Jul 2017 14:39:27 +0000 //www.tech-coffee.net/?p=5640 In environment with virtualization infrastructure connected to a SAN, you may want to connect your Veeam proxies (usually a physical servers) to the SAN to collect data. This configuration avoids using the production network to get data and reduce the backup window by increasing the speed of the backup process. This configuration requires a direct ...

The post Enable Direct Storage Access in Veeam Backup & Replication appeared first on Tech-Coffee.

]]>
In environment with virtualization infrastructure connected to a SAN, you may want to connect your Veeam proxies (usually a physical servers) to the SAN to collect data. This configuration avoids using the production network to get data and reduce the backup window by increasing the speed of the backup process. This configuration requires a direct connection between Veeam proxies and the SAN by using usually iSCSI or FC. In this topic, we’ll see how to configure the Veeam proxies to enable Direct Storage Access and to backup VMware VM.

Design overview

The Veeam server is based on a physical server (Dell R630) and running on Windows Server 2016 (July cumulative updates). The Veeam version is 9.5 update 2. This server has two network adapters member of a teaming for production network and two network adapters for iSCSI. I’d like to collect VM data across the iSCSI network adapters. So Veeam collect VM information and process the VM snapshot from the production network and data are copied accross the backup network. In this topic, I’ll connect VMFS LUN (VMware) to Veeam Server. In this configuration, the Veeam proxy is deployed in the Veeam server.

N.B: If you plan to dedicate servers for Veeam proxies, you must connect each proxy to the production storage.

Configure MPIO

First of all, you need to install MPIO if you have several network links connected to a SAN. MPIO ensures that all paths to a LUN are managed to ensure high availability and bandwidth aggregation (if you have not set MPIO to failover). Install MPIO from Windows features and run mpiocpl (it’s work also in Core edition) to configure MPIO:

After you have added the iSCSI or/and SAS support, a reboot is required.

Disable automount

This option prevents Windows from automatically mounting any new basic and dynamic volumes that are added to the system. The volume must not be mounted in Veeam server. We just need access to the block storage. This is why this option is set.

iSCSI configuration

First, you need to start the iSCSI service. This service should also be automatically started:

Next open iSCSIcpl (it’s work on Server Core also) and add portal address. Once the targets are discovered, you can connect to them.

Once you are connected, open the disk management and check if LUNs are well mounted in the system:

Veeam configuration

Now that you have connected your Veeam proxies to the production storage, you can now change the transport mode. In Veeam Backup & Replication console, navigate to backup infrastructure and edit the proxies. Change the transport mode and choose Direct Storage Access.

Now, when you backup a VM located in a SAN datastore, you should have something like this:

Conclusion

If you have a SAN iSCSI or FC and you want to dedicate these networks for backup, Direct Storage Access can be the way to go. The servers must be connected to the SAN and then Veeam is able to copy at block level from the mounted LUN. If your production network is 1GB/s and your storage network is 10GB/s, you can also save a lot of time and reduce the backup windows.

The post Enable Direct Storage Access in Veeam Backup & Replication appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/enable-direct-storage-access-in-veeam-backup-replication/feed/ 2 5640
Deploy Veeam Cloud Connect for large environments in Microsoft Azure //www.tech-coffee.net/deploy-veeam-cloud-connect-for-large-environments-in-microsoft-azure/ //www.tech-coffee.net/deploy-veeam-cloud-connect-for-large-environments-in-microsoft-azure/#comments Fri, 30 Jun 2017 07:57:00 +0000 //www.tech-coffee.net/?p=5604 Veeam Cloud Connect is a solution to store backups and archives in a second datacenter such as Microsoft Azure. Thanks to this technology, we can easily follow the 3-2-1 backup rule (3 backups; 2 different medias; 1 offsite). Last time I talked about Veeam Cloud Connect, I deployed all Veeam roles within a single VM. ...

The post Deploy Veeam Cloud Connect for large environments in Microsoft Azure appeared first on Tech-Coffee.

]]>
Veeam Cloud Connect is a solution to store backups and archives in a second datacenter such as Microsoft Azure. Thanks to this technology, we can easily follow the 3-2-1 backup rule (3 backups; 2 different medias; 1 offsite). Last time I talked about Veeam Cloud Connect, I deployed all Veeam roles within a single VM. This time I’m going to deploy the Veeam Cloud Connect in Microsoft Azure where roles are allocated across different Azure VMs. Moreover, some roles such as the Veeam Cloud Gateway will be deployed in a high availability setup.

Before I begin, I’d like to thank Pierre-Francois Guglielmi – Veeam Alliances System Engineer (@pfguglielmi) for his time. Thank you for your review, your English correction and your help.

What is Veeam Cloud Connect

Veeam Cloud Connect provides an easy way to copy your backups to an offsite location that can be based on public cloud (such as Microsoft Azure) or for archival purpose. Instead of investing money in another datacenter to store backup copies, you can choose to leverage Veeam Cloud Connect (VCC) to send these backup copies to Microsoft Azure. VCC exists in the form of two templates that you can find in the Microsoft Azure Marketplace:

  • Veeam Cloud Connect for Service Providers
  • Veeam Cloud Connect for the Enterprise

The first one is for service providers with several customers who want to deliver Backup-as-a-Service offerings using the Veeam Cloud Connect technology. This provider can deploy the solution in a public cloud and deliver the service to clients. The second version is dedicated to companies willing to build similar Backup-as-a-Service offerings internally, leveraging the public cloud to send backup copies offsite. For this topic, I’ll work on Veeam Cloud Connect for Enterprise, but the technology is the same.

Veeam Cloud Connect is a Veeam Backup & Replication server with Cloud Connect features unlocked by a specific license file. When deploying this kind of solution, you have the following roles:

  • Microsoft Active Directory Domain Controller (optional)
  • Veeam Cloud Connect server
  • Veeam Cloud Gateway
  • Veeam backup repositories
  • Veeam WAN Accelerator (optional)

Microsoft Active Directory Domain Controller

A Domain controller is not a mandatory role for the Veeam Cloud Connect infrastructure but it can make servers and credentials management easier. If you plan to establish a site-to-site VPN from your on-premises to Microsoft Azure, you can deploy domain controllers within Azure, in the same forest than the existing domain controllers and add all Azure VMs to a domain. In this way, you can use your existing credentials to manage servers, apply existing GPOs and create specific service accounts for Veeam managed by Active Directory. It is up to you: if you don’t deploy a domain controller within Azure, you can still deploy the VCC infrastructure. But then you’ll have to manage servers one by one.

Veeam Cloud Connect server

Veeam Cloud Connect server is a Veeam Backup & Replication server with Cloud Connect features. This is the central point to manage and deploy Veeam Cloud Connect infrastructure components. From this component, you can deploy Veeam Cloud Gateway, WAN accelerator, backup repositories and manage backup copies.

Veeam Cloud Gateway

The Veeam Cloud Gateway component is the entry point of your Veeam Cloud Connect infrastructure. When you’ll choose to send a backup copy to this infrastructure, you’ll specify the public IP or DNS name of the Veeam Cloud Gateway server(s). This service is based on Azure VM(s) running Windows Server and with a public IP address to allow secure inbound and outbound connections to the on-premises environment. If you choose to deploy several Veeam Cloud Gateway servers for high availability, you have two ways to provide a single entry point:

  • Round-Robin record in your public DNS registrar; one DNS name for all A records bound to Veeam Cloud Gateways public IP adresses.
  • A Traffic Manager in front of all Veeam Cloud Gateway servers

Because Veeam Cloud Gateway has its own load balancing mechanism, you can’t deploy Azure Load balancer, F5 appliance or other kinds of load balancers on front of Veeam Cloud Gateways.

Veeam Backup repositories

This is the storage system that stores backups. It can be a single Windows Server with a single disk or a storage space. Don’t forget that in Azure, the maximum size of a single data disk is 4TB (as of June 2017). You can also leverage the Scale-Out Backup Repository functionality where several backup repositories are managed by Veeam as a single logical repository. To finish, and this is the scenario I’m going to present later in this topic, you can store backups on a Scale-Out File Server based on a Storage Spaces Direct cluster. This solution provides SMB 3.11 access to the storage.

Veeam WAN Accelerator

Veeam WAN accelerator is the same component already available in Veeam Backup & Replication. This service optimizes the traffic between source and destination by sending only new unique blocks not already known at destination. To leverage this feature, you need a pair of WAN Accelerator servers. The source WAN Accelerator creates a digest for data blocks and the target synchronizes these digests and populates a global cache. During next transfer, the source WAN Accelerator compares digests of the blocks in the new incremental backup file with the already known digests. If nothing has changed, the block is not copied over the network and the data is taken from the global cache in the target, or from the target backup repositories, which in such a case act as infinite cache.

Architecture Overview

For this topic, I decided to separate roles on different Azure VMs. I’ll have 5 kinds of Azure VMs:

  • Domain Controllers
  • Veeam Cloud Gateways
  • Veeam Cloud Connect
  • Veeam WAN Accelerator
  • File Servers (Storage Spaces Direct)

First, I deploy two Domain Controllers to ease management. This is completely optional. All domain controllers are members of an Azure Availability Set.

The Veeam Cloud Gateway servers are located behind a Traffic Manager profile. Each Veeam Cloud Gateway has its own public IP address. The Traffic Manager profile distributes the traffic across public IP addresses of Veeam Cloud Gateway servers. The JSON template provided below allows to deploy from 1 to 9 Cloud Gateway servers depending on your needs. All Veeam Cloud Gateways are added to an Availability Set to support a 99,95% SLA.

Then I deploy two Veeam Cloud Connect VMs: one active and one passive. I add these both Azure VMs in an Availability Set. If the first VM crashes, the backup configuration is restored to the second VM.

The WAN Accelerator is not in an Availability Set because you can add only one WAN Accelerator per tenant. You can deploy as many WAN accelerators as required.

Finally, the backup repository is based on Storage Spaces Direct. I deploy 4 Azure VMs to leverage parity. I choose parity because my S2D managed disks are based on SSD (premium disk). If you want more performance or if you choose standard disks, I recommend you mirroring instead of parity. You can use a single VM to store backups to save money but for this demonstration, I’d like to share with Storage Spaces Direct just to show that it is possible. However, there is one limitation with S2D in Azure: for better performance, managed disks are recommended. An Availability Set with Azure VMs with managed disks supports only three fault domains. That means that in a four-node S2D cluster, two nodes will be in the same fault domain. So there is a chance that two nodes fail simultaneously. But dual parity (or 3-way mirroring) supports two fault domain failures.

Azure resources: Github

I have published in my Github repository a JSON template to deploy the infrastructure described above. You can use this template to deploy the infrastructure for your lab or production environment. In this example, I won’t explain how to deploy the Azure Resources because this template does it automatically.

Active Directory

Active Directory is not mandatory for this kind of solution. I have deployed domain controllers to make management of servers and credentials easier. To configure domain controllers, I started the Azure VMs where domain controller roles will be deployed. In the first VM, I run the following PowerShell cmdlets to deploy the forest:

# Initialize the Data disk
Initialize-Disk -Number 2

#Create a volume on disk
New-Volume -DiskNumber 2 -FriendlyName Data -FileSystem NTFS -DriveLetter E

#Install DNS and ADDS features
Install-windowsfeature -name AD-Domain-Services, DNS -IncludeManagementTools

# Forest deployment
Import-Module ADDSDeployment
Install-ADDSForest -CreateDnsDelegation:$false `
                   -DatabasePath "E:\NTDS" `
                   -DomainMode "WinThreshold" `
                   -DomainName "VeeamCloudConnect.net" `
                   -DomainNetbiosName "HOMECLOUD" `
                   -ForestMode "WinThreshold" `
                   -InstallDns:$true `
                   -LogPath "E:\NTDS" `
                   -NoRebootOnCompletion:$false `
                   -SysvolPath "E:\SYSVOL" `
                   -Force:$true

Then I run these cmdlets for additional domain controllers:

# Initialize data disk
Initialize-Disk -Number 2

# Create a volume on disk
New-Volume -DiskNumber 2 -FriendlyName Data -FileSystem NTFS -DriveLetter E

# Install DNS and ADDS features
Install-windowsfeature -name AD-Domain-Services, DNS -IncludeManagementTools

# Add domain controller to forest
Import-Module ADDSDeployment
Install-ADDSDomainController -NoGlobalCatalog:$false `
                             -CreateDnsDelegation:$false `
                             -Credential (Get-Credential) `
                             -CriticalReplicationOnly:$false `
                             -DatabasePath "E:\NTDS" `
                             -DomainName "VeeamCloudConnect.net" `
                             -InstallDns:$true `
                             -LogPath "E:\NTDS" `
                             -NoRebootOnCompletion:$false `
                             -SiteName "Default-First-Site-Name" `
                             -SysvolPath "E:\SYSVOL" `
                             -Force:$true

Once the Active Directory is ready, I add each Azure VM to the domain by using the following cmdlet:

Add-Computer -Credential homecloud\administrator -DomainName VeeamCloudConnect.net -Restart

Configure Storage Spaces Direct

I have written several topics on Tech-Coffee about Storage Spaces Direct. You can find for example this topic or this one. These topics are more detailed about the Storage Spaces Direct if you need more information.

To configure Storage Spaces Direct in Azure, I started all file servers VMs. Then in each VM I ran the following cmdlet:

# Rename vNIC connected in Internal subnet by Management
rename-netadapter -Name "Ethernet 3" -NewName Management

# Rename vNIC connected in cluster subnet by cluster
rename-netadapter -Name "Ethernet 2" -NewName Cluster

# Disable DNS registration for cluster vNIC
Set-DNSClient -InterfaceAlias *Cluster* -RegisterThisConnectionsAddress $False

# Install required features
Install-WindowsFeature FS-FileServer, Failover-Clustering -IncludeManagementTools -Restart

Once you have run these commands on each server, you can deploy the cluster:

# Validate cluster prerequisites
Test-Cluster -Node AZFLS00, AZFLS01, AZFLS02, AZFLS03 -Include "Storage Spaces Direct",Inventory,Network,"System Configuration"

#Create the cluster
New-Cluster -Node AZFLS00, AZFLS01, AZFLS02, AZFLS03 -Name Cluster-BCK01 -StaticAddress 10.11.0.160

# Set the cluster quorum to Cloud Witness (choose another Azure location)
Set-ClusterQuorum -CloudWitness -AccountName StorageAccount -AccessKey "AccessKey"

# Change the CSV cache to 1024MB per CSV
(Get-Cluster).BlockCacheSize=1024

# Rename network in the cluster
(Get-ClusterNetwork "Cluster Network 1").Name="Management"
(Get-ClusterNetwork "Cluster Network 2").Name="Cluster"

# Enable Storage Spaces Direct
Enable-ClusterS2D -Confirm:$False

# Create a volume and rename the folder Volume1 to Backup
New-Volume -StoragePoolFriendlyName "*Cluster-BCK01*" -FriendlyName Backup -FileSystem CSVFS_ReFS -ResiliencySettingName parity -PhysicalDiskRedundancy 2 -Size 100GB
Rename-Item C:\ClusterStorage\Volume1 Backup
new-item -type directory C:\ClusterStorage\Backup\HomeCloud

Then open the Active Directory console (dsa.msc) and edit the permissions of the OU where the Cluster Name Object is located. Grant the permission to create computer objects to the CNO (in the example Cluster-BCK01) on the OU.

Next, run the following cmdlets to complete the file server’s configuration:

# Add Scale-Out File Server to cluster
Add-ClusterScaleOutFileServerRole -Name BackupEndpoint

# Create a share
New-SmbShare -Name 'HomeCloud' -Path C:\ClusterStorage\Backup\HomeCloud -FullAccess everyone

First start of the Veeam Cloud Connect VM

First time you connect to the Veeam Cloud Connect VM, you should see the following screen. Just specify the license file for Veeam Cloud Connect and click Next. The next screen shows the requirements to run a Veeam Cloud Connect infrastructure.

Deploy Veeam Cloud Gateway

First component I deploy is Veeam Cloud Gateway. In the Veeam Backup & Replication console (in the Veeam Cloud Connect VM), you can navigate to Cloud Connect. Then select Add Gateway.

In the first screen, just click on Add New…

Then specify the name of the first gateway and provide a description.

In the next screen, enter credentials that have administrative permissions in the Veeam Cloud Gateway VM. For that, I created an account in Active Directory and I added it to local administrators of the VM.

Then Veeam tells you that it has to deploy a component on the target host. Just click Apply.

The following screen shows a successful deployment:

Next you have a summary of the operations applied to the target server and what has been installed.

Now you are back to the first screen. This time select the host you just added. You can change the external port. For this test I kept the default value.

Then choose “This server is located behind NAT” and specify the public IP address of the machine. You can find this information in the Azure Portal on the Azure VM blade. Here again I left the default internal port.

This time, Veeam tells you that it has to install Cloud Gateway components.

The following screenshot shows a successful deployment:

Repeat these steps for each Cloud Gateway. In this example, I have two Cloud Gateways:

To complete the Cloud Gateway configuration, open up the Azure Portal and edit the Traffic Manager profile. Add an endpoint for each Cloud Gateway you deployed and select the right public IP address. (Sorry I didn’t find how to loop the creation of endpoint in JSON template).

Because I have two Cloud Gateways and so two Traffic Manager endpoints with the same weight.

Add the backup repository

In this step, we add the backup repository. Open the Veeam Backup & Replication console (in Veeam Cloud Connect VM) and navigate to Backup Infrastructure. Then select Add Repository.

Enter a name and a description for your backup repository.

Next select Shared folder because Storage Spaces Direct with SOFS is based on … shared folder.

Then specify the UNC path to the share that you have previously created (Storage Spaces Direct section) and provide credentials with privileges.

In the next screen you can limit the maximum number of concurrent tasks, the data rates and set some advanced parameters.

Then I choose to not enable vPower NFS because it’s only use in VMware vSphere environments.

The following steps are not mandatory. I just clean up the default configuration. First I remove the default tenant.

Then I change the Configuration Backup task’s repository to the one created previously. For that I navigate to Configuration Backup:

Then I specify that I want to store the configuration backups to my S2D cluster. It is highly recommended to encrypt configuration backup to save credentials

Finally, I remove the default backup repository.

Deploy Veeam WAN Accelerator (Optional)

To add a Veeam WAN Accelerator, navigate to Backup Infrastructure and select Add WAN Accelerator.

In the next screen, click Add New…

Specify the FQDN of the target host and type in a description.

Then select credentials with administrative permissions on the target host.

In the next screen, Veeam tells you that a component has to be installed.

This screen shows a successful deployment.

Next you have a summary screen which provides a summary of the configuration of the target host.

Now you are back to the first screen. Just select the server that you just added and provide a description. I choose to leave the default traffic port and the number of streams.

Select a cache device with enough capacity for your needs.

Finally you can review your settings. If all is ok, just click Apply.

You can add as many WAN accelerators as needed. One WAN Accelerator can used by several tenants. Only one WAN Accelerator can be bound to a tenant.

Prepare the tenant

Now you can add a tenant. Navigate to Cloud Connect tab and select Add tenant.

Provide a user name, a password and a description to your tenant. Then choose Backup storage (cloud backup repository).

In the next screen you can define the maximum number of concurrent tasks and a bandwidth limit.

Then click Add to bind a backup repository to the tenant.

Specify the cloud repository name, the backup repository, the capacity of the cloud repository and the WAN Accelerator.

Once the cloud repository is configured, you can review the settings in the last screen.

Now the Veeam Cloud Connect infrastructure is ready. The enterprise can now connect to Veeam Cloud Connect in Azure.

Connect On-Premises to Veeam Cloud Connect

To connect to the Veeam Cloud Connect infrastructure from On-Premises, open your Veeam Backup & Replication console. Then in Backup infrastructure, navigate to Service Providers. Click Add Service Provider.

Type in the FQDN to your Traffic Manager profile and provide a description. Select the external port your chose for the Veeam Cloud Gateways configuration (I left mine to the default 6180).

In the next screen, enter the credentials to connect to your tenant.

If the credentials are correct, you should see the available cloud repositories.

Now you can create a backup copy job to Microsoft Azure.

Enter a job name and description and configure the copy interval.

Add virtual machine backups to copy to Microsoft Azure and click Next.

In the next screen you can set archival settings and how many restore points you want to keep. You can also configure some advanced settings.

If you a WAN Accelerator on-premises, you can select the source WAN Accelerator.

Then you can configure scheduling options for the backup copy job.

When the backup copy job configuration is complete, the job starts and you should see backup copies being created in the Veeam Cloud Connect infrastructure.

Conclusion

This topic introduces “a large” Veeam Cloud Connect infrastructure within Azure. All components can be deployed in a single VM (or two) for small environments or as described in this post for huge infrastructure. If you have several branch offices and want to send backup data to an offsite location, it can be the right solution instead of tape library.

The post Deploy Veeam Cloud Connect for large environments in Microsoft Azure appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/deploy-veeam-cloud-connect-for-large-environments-in-microsoft-azure/feed/ 1 5604
Host Veeam backup on Storage Spaces Direct //www.tech-coffee.net/host-veeam-backups-storage-spaces-direct/ //www.tech-coffee.net/host-veeam-backups-storage-spaces-direct/#comments Tue, 06 Jun 2017 08:01:26 +0000 //www.tech-coffee.net/?p=5527 Storage Spaces Direct (S2D) is well known to host virtual machines in the disaggregated or hyperconverged model. But S2D can also be used for backup purpose as a backup repository. You can plan to implement a S2D cluster in the dissagregated model to host virtual machines but also to store backups. Because Veeam Backup & ...

The post Host Veeam backup on Storage Spaces Direct appeared first on Tech-Coffee.

]]>
Storage Spaces Direct (S2D) is well known to host virtual machines in the disaggregated or hyperconverged model. But S2D can also be used for backup purpose as a backup repository. You can plan to implement a S2D cluster in the dissagregated model to host virtual machines but also to store backups. Because Veeam Backup & Replication can leverage a repository based on SMB shares, the Veeam backups can be hosted on a S2D cluster through Scale-Out File Server (SOFS).

Veeam Backup & Replication 9.5 provides advanced ReFS integration to provide faster synthetic full backup creation, reduce storage requirements and improve reliability and backup and restore performance. With Storage Spaces Direct, Microsoft recommends mainly ReFS as the file system. This is why, if you have a S2D cluster (or you plan to deploy) and Veeam, it can be a great opportunity to host backup on the S2D cluster.

S2D cluster provides three resilience models: mirroring, parity and mixed resiliency. Mirroring volume is not a good option to store backup because too many spaces is used for resilience (50% in 2-way mirroring or 3-way mirroring). Mirroring is good to store virtual machines. Parity is a good option to store backups. More you add storage, more your storage is efficiency. However, you need a 4-node S2D cluster. Mixed resiliency is also a good option because you mix mirroring and parity and so performance and efficiency. But mixed resiliency requires a fine design.

In this topic, I’ll implement a S2D cluster with a dual parity volume to store Veeam backups.

4-node S2D cluster deployment

First of all, you have to deploy a S2D Cluster. You can follow this topic to implement the cluster. For this topic, I have deployed a 4-node cluster. After that Operating System and drivers are installed I have run the following PowerShell script. This script installs required features on all nodes and enable RDMA for network adapters with the name containing Cluster.

$Nodes = "VMSDS01","VMSDS02","VMSDS03","VMSDS04"

Foreach ($Node in $Nodes){
    Try {
        $Cim = New-CimSession -ComputerName $Node -ErrorAction Stop
        Install-WindowsFeature Failover-Clustering, FS-FileServer -IncludeManagementTools -Restart ComputerName $Node -ErrorAction Stop | Out-Null

        Enable-NetAdapterRDMA -CimSession $Node -Name Cluster* -ErrorAction Stop | Out-Null
    }
    Catch {
        Write-Host $($Error[0].Exception.Message) -ForegroundColor Red -BackgroundColor Green
        Exit
    }
}

Then from a node of the cluster I have run the following cmdlets:

$Nodes = "VMSDS01","VMSDS02","VMSDS03","VMSDS04"
$ClusIP = "10.10.0.44"
$ClusNm = "Cluster-BCK01"

Test-Cluster -Node $Nodes -Include "Storage Spaces Direct", Inventory,Network,"System Configuration"
New-Cluster -Node $Nodes -StaticAddress $ClusIP -NoStorage
Enable-ClusterS2D

New-Volume -StoragePoolFriendlyName "*Cluster-BCK01" -FileSystem CSVFS_ReFS -ResiliencySettingName Parity -PhysicalDiskRedundancy 2 -Size 100GB

Rename-Item c:\ClusterStorage\Volume1 BCK01

At this moment, the cluster is created and Storage Spaces Direct is enabled. The cluster is called Cluster-BCK01 (IP: 10.10.0.44) and a dual parity volume is created. Then open the permissions of the OU where is located the Cluster Name Object of the cluster. Then add a permission for the cluster name object to allow to create computer objects.

Open the failover clustering manager and rename the networks to ease the management.

You can check also that you have all the enclosures and physical disks.

When S2D has been enabled, a storage pool with all physical disks has been automatically created. I have renamed it to Backup Pool.

You can check also that a Cluster Shared Volume has been well created.

Next run the following cmdlets to create SOFS role, create a folder in the volume and create a share on this folder.

Add-ClusterScaleOutFileServerRole -Name BCK-REPO
new-item -Type Directory -Path '\\vmsds01\c$\ClusterStorage\BCK01' -Name VMBCK01
New-SmbShare -Name 'VMBCK01' -Path C:\ClusterStorage\BCK01\VMBCK01 -FullAccess everyone

If you go back to the cluster, you can see that a Scale-Out File Server role has been created as well as the share.

You can edit the permissions of the folder to give specific permissions to the account that will be used in Veeam Backup & Replication.

Veeam Backup & Replication configuration

First of all, I create a new backup repository in Veeam Backup & Replication.

Then choose the shared folder backup repository.

Next specify the shared folder where you want store the backups. My SOFS role is called BCK-REPO and the share is called VMBCK01. So, the path is \\BCK-REPO\VMBCK01. Specify also credentials that have permissions on the shared folder.

In the next window, you can specify advanced properties.

Then I choose to not enable the vPower NFS service because I backup only Hyper-V VMs.

To finish the backup repository creation, review the properties and click on Apply.

Run a backup on the S2D repository

To test the new backup repository, I choose to create a backup copy job.

Then choose the VM that will be in the backup copy job.

In the next screen, choose the S2D backup repository, the number of restore points and the archival settings.

Next choose if you want use a WAN accelerator or not.

When the wizard is finished, the backup copy job is processing. You can see in the shared folder that data is coming.

When the backup is finished, you can see that data processed and size on disk are different. It is because Veeam leverages ReFS to reduce the storage usage.

Conclusion

Microsoft Storage Spaces Direct can be used to store your virtual machines but also your backups. If you plan a S2D in disaggregated model, you can design the solution to store VM data and backup job. The main disadvantage is that backup should be located in a parity volume (or a mixed resiliency) and that requires at least a 4-node S2D cluster.

The post Host Veeam backup on Storage Spaces Direct appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/host-veeam-backups-storage-spaces-direct/feed/ 3 5527
Step-By-Step: Deploy Veeam 9.5 and backup VMware VM //www.tech-coffee.net/step-by-step-deploy-veeam-9-5-and-backup-vmware-vm/ //www.tech-coffee.net/step-by-step-deploy-veeam-9-5-and-backup-vmware-vm/#respond Tue, 14 Mar 2017 09:56:04 +0000 //www.tech-coffee.net/?p=5214 The following topics describe how to deploy Veeam 9.5 Backup and Replication and how to backup and restore your VMware VM. The processus are presented step-by-step in three topics: Deploy Veeam 9.5 Backup & Replication Connect Veeam to vCenter and add a backup repository Backup and restore your first VMware VM  

The post Step-By-Step: Deploy Veeam 9.5 and backup VMware VM appeared first on Tech-Coffee.

]]>
The following topics describe how to deploy Veeam 9.5 Backup and Replication and how to backup and restore your VMware VM. The processus are presented step-by-step in three topics:

 

The post Step-By-Step: Deploy Veeam 9.5 and backup VMware VM appeared first on Tech-Coffee.

]]>
//www.tech-coffee.net/step-by-step-deploy-veeam-9-5-and-backup-vmware-vm/feed/ 0 5214