By Eric Siebert
Data backup is one area where many companies struggle after virtualizing their environments because traditional backup methods are often inefficient in virtual server environments. Veeam Software recognized the need for better backup products for VMware environments and introduced its Veeam Backup and Replication product in 2008. At the time, there were two other vendors with specific backup products for VMware -- PHD Virtual Technologies with esXpress and Vizioncore (now Quest Software) with esxRanger. Both of these products were launched in 2006. Veeam tried to distinguish its product from the others by quickly embracing the new technologies that VMware develops. Veeam Backup and Replication 5 has recently been released, and has many new features. In this article, we will first cover Veeam backup with 4.1.2 and then highlight some of the new features in version 5.
VEEAM BACKUP TIPS AND A PREVIEW OF VEEAM BACKUP AND REPLICATION 5
>> An overview of Veeam Backup and Replication
>> Veeam Backup & Replication and synthetic backups
>> Backup methods supported by Veeam Backup and Replication
>> Veeam Backup and Replication installation notes
>> Version 5 of Backup and Replication
Veeam has always bundled backup and replication into one product; other VMware backup vendors sell their replication products separately. Veeam was also one of the first backup vendors to embrace the new VMware vStorage APIs that were a huge improvement over VMware Consolidated Backup. Veeam was quick to leverage the Changed Block Tracking (CBT) feature in vSphere that allows for faster incremental backups as well as near-continuous data protection (CDP) with the product's replication engine. Veeam Backup and Replication includes many other advanced features such as:
- Full support for backing up both ESX and ESXi hosts
- Full support for all the new vSphere features as well as the new vStorage APIs for Data Protection
- Support for both bare-metal virtual machine restore (vmdk) and individual file restore (Windows only)
- Inline data deduplication and compression of target backup data
- Support for both VMware Tools quiescing and a proprietary agent that leverages Microsoft's VSS driver for performing application-consistent backups
Veeam has embraced the synthetic backup model instead of the traditional full/incremental backup method that many backup products use. Synthetic backups provide smaller backup windows and less resource consumption than traditional backups because you never have to do periodic full backups of your virtual machines (VMs). With synthetic backups, a full backup is only done once and, from that point, subsequent backups are all incremental backups.
You might think that would make restores difficult because you could potentially need a huge number of incremental backup files to restore something, but that's not the case. What happens with synthetic backups is after the incremental backup takes place, the backup server combines the data with previous backups to synthesize a full backup. By doing this, you always have an up-to-date full backup copy without ever having to perform a full backup on a VM. But if you always have a current full backup, what if you want to restore older data? This is possible, too, because all changes are backed up and saved as rollback files, and historical data is used to calculate reverse increments. To support compliance and corporate policies, Veeam Backup and Replication also supports doing periodic full backups by using a special backup job that resets the chain of rollback files, so all subsequent incremental backups will use the new full backup. With the release of Backup and Replication version 5, Veeam has made the traditional forward-incremental mode the default, but you can still use the reverse-incremental synthetic mode as well.
Veeam Backup and Replication supports different backup methods that can be used depending on your environment; this includes the vStorage APIs, VMware Consolidated Backup and traditional network backups. The vStorage APIs are the successor to VMware Consolidated Backup and both allow you to directly access VM storage without going through the host (LAN-free). You can also use traditional over-the-network backups that go through the host to access VM storage, for ESX hosts (not ESXi) an agent is deployed to the Service Console to help make the backup more efficient.
vStorage APIs: Using the vStorage APIs is the preferred method because it's the most efficient method. When using the vStorage APIs, there are four transport modes available: SAN mode, SAN mode with failover, network mode and virtual appliance mode. SAN mode is only supported for VMs running on a block storage device and allows Veeam Backup and Replication to directly access the VM datastores without going through an ESX or ESXi host, which results in less resource usage on the host. This typically means you have to run Veeam Backup and Replication on a physical server that has direct access to the VM datastores though a Fibre Channel HBA or iSCSI initiator. However, running Veeam Backup and Replication on a VM and using a Microsoft iSCSI initiator installed in the guest OS to connect directly to an iSCSI datastore works equally well. SAN mode with failover adds a safety mechanism; if for some reason SAN mode becomes unavailable, it will fail over to network mode to complete the backups. This can be undesirable because it puts more resource usage on the ESX host while backups are running in network mode.
Network mode: Network mode is the least efficient mode because the Veeam Backup and Replication server is connecting to the ESX/ESXi host over the network using Network Block Device Protocol (NBD) to connect to the VM datastore. This adds additional network traffic and resource usage on the host that can negatively impact the VMs running on the host. To help improve efficiency in network mode on ESX hosts, a service console agent is deployed at runtime; however, with ESXi this isn't possible due
Network mode is the least efficient mode because the Veeam Backup and Replication server is connecting to the ESX/ESXi host over the network using NBD Protocol to connect to the VM datastore.
to its more limited management console. For VMs running on local storage, this mode is necessary because the Veeam Backup and Replication server cannot directly access the VMs disks.
Virtual appliance mode: Finally, there is virtual appliance mode where Veeam Backup and Replication is installed on a VM, and disks from the VMs that are backed up are "hot-added" to the Veeam Backup and Replication VM. The data is read directly from the storage stack instead of over the network. The hot-add ability is new to vSphere. In the 4.0 version, a temporary helper VM without any virtual disks was necessary for this; with vSphere 4.1 the helper isn't needed. The advantage of using virtual appliance mode is its ability to directly back up VMs on NFS storage, which previously had to be done with the less efficient network mode.
Performance-wise there is not much difference between SAN mode and virtual appliance mode as they both leverage the storage stack to access source data instead of dragging it through the network stack. The area that has the biggest impact on backup performance is hardware configuration of both the Veeam backup server and the target device if it's a server. While you can use Veeam Backup and Replication on a server with two CPU cores, your performance will suffer. Veeam recommends at least four cores and up to eight for best performance. Remember, the Veeam Backup and Replication server is not just picking up data from the source and sending it to the destination. It also uses advanced logic to try to minimize the amount of data that it needs to copy and store by using data deduplication and compression. Having enough CPUs and RAM available is critical for achieving the best backup performance possible.
The Veeam Backup server can be installed on either a physical server or virtual machine and includes several components: an API shell interface, a backup service that handles the coordination of all the jobs, and a manager process that controls backup agents deployed to the source and target hosts. While the backup server must be installed on a Windows OS, it can back up VMs that have any OS supported by vSphere. In addition, a database is also required to store backup and configuration information. An existing SQL Server 2005/2008 server can be used for this, otherwise SQL Server 2005 Express is automatically installed. For larger or geographically diverse environments that require multiple Veeam Backup and Replication servers, there's a separate Enterprise Manager application that can be installed to centrally manage multiple servers through a Web interface. Built-in file-level restore is supported only for Windows operating systems but Veeam leverages VMware Player to do multi-OS file-level restores for other operating systems like Linux. Veeam uses VMware Player to power on the VM image and mount its file system; you can then browse the VM's file system in a Windows Explorer-like interface and copy files from it to a local PC or network share.
Veeam has some of the best documentation that I've ever seen which makes installing Veeam Backup and Replication a simple process.
When Veeam announced version 5 of its Backup and Replication product back in March, the company also announced a new feature called SureBackup. Most companies trust that their backups are working properly and don't bother to periodically verify them. Even if you do periodically verify your backups, it is a resource- and time-intensive process. Veeam came up with a method to automatically verify VM backups to ensure that they can be recovered. This is done by powering on the backed up VM directly from the compressed and deduped backup repository without extracting it first. The VM is isolated from the rest of the network so it won't affect the original production VM that the backup was generated from. Once the VM is powered on, the verification then consists of checking the VM's heartbeat that's generated from VMware Tools, and also pinging it. This verifies that the operating system was able to successfully boot; you can additionally specify test scripts to run to verify that applications are running properly and data is accessible. For more information, Veeam has made a video that shows Veeam SureBackup in action.
Veeam Backup and Replication has other new features that are based on the ability to run a VM from a backup repository. Veeam calls this ability vPower. In addition to SureBackup, these features also leverage vPower:
- Instant whole virtual machine recovery: A VM can be instantly powered on from the backup repository and moved back to a host using the Storage VMotion feature
- Instant file-level recovery: A VM can be instantly powered on from the backup repository and individual files copied from it to a restore destination
- Universal application-item recovery (U-AIR): Using a workflow process, individual application items (e.g., database records) from supported applications like Exchange and SQL Server can be easily restored
With SureBackup and instant VM recovery, Veeam is basically turning the Veeam Backup and Replication server into a NFS server that's attached to an ESX/ESXi host using the host's built-in NFS client. Once that's done, the Veeam Backup and Replication server can present a virtual disk file for the VM from any existing restore point to the ESX/ESXi host so it can be powered on. Once the VM is powered on, the backup image remains read-only and any changes made while the VM is powered on are written to a delta file (just like VM snapshots) and discarded afterwards. Besides recovery verification and instant recovery, this technology allows you to create a sandbox or lab environment from VM backups that you can use for troubleshooting or testing purposes without effecting your production VMs. The restored VMs are kept isolated on the network from the other VMs by using internal-only vSwitches that have no physical NICs, and using a special routing proxy appliance that is automatically deployed to allow controlled communication with outside networks. The appliance also uses IP masquerading and routing tables to avoid IP address conflicts between production VMs and the backed up VMs.
With Veeam Backup and Replication 5, Veeam is changing its licensing model for Backup and Replication and splitting it into two editions: Standard and Enterprise. SureBackup is included in both, but is a manual process in the Standard edition and fully automated in the Enterprise edition. The U-AIR feature is only included in the Enterprise edition. The instant file-level recovery is limited to only current backups in the Standard edition and all archived backups in the Enterprise edition. In addition, the on-demand sandbox feature is only available in the Enterprise edition.
These new features in Veeam Backup and Replication will provide companies with some new capabilities and will help make the backup and recovery job an easier one.
About this author: Eric Siebert is an IT industry veteran with more than 25 years experience covering many different areas but focusing on server administration and virtualization. He is a very active member in the VMware Vmtn support forums and has obtained the elite Guru status by helping others with their own problems and challenges. He is also a Vmtn user moderator and maintains his own VMware VI3 information website, vSphere-land. In addition, he is a regular blogger and feature article contributor on TechTarget's SearchServerVirtualization and SearchVMware websites.
This was first published in November 2010