Although administrators have long accepted the need for backing up individual virtual machines, it has become increasingly...
important to also protect the virtualization hosts and the virtualization infrastructure as a whole. This article explains some reasons why you should consider protecting your virtualization infrastructure, as well as discussing some specific components that need to be protected.
The virtualization infrastructure is more complex than it used to be
One of the best reasons for protecting the virtualization infrastructure through backups is that the virtualization infrastructure is much more complex today than it was a few short years ago. There was a time when it was no big deal to reinstall hypervisors such as VMware or Hyper-V. Today, however, even a standalone host server can contain a variety of configuration elements that are not necessarily easy to replace.
One of the best examples of this is the virtual switch. Both Microsoft and VMware offer virtual switch extensibility, which means that vendors can build virtual switch plug-ins that enable virtual switches to be managed or monitored in a manner similar to that of a physical hardware switch. Virtual switch extensions are a type of hypervisor customization that must be protected through backups. Why use a virtual switch? Because the virtual machines can't communicate with the network without it.
Even if your organization does not use virtual switch extensions, there may be other types of configuration data that need to be protected. For example, VMware 5.1 offers a built-in firewall, and the firewall rule collections can become quite complex. Without a proper backup, these rule collections are at risk of being lost.
You need to protect virtual machine snapshots
One of the best ways to protect your virtualization infrastructure is through host-level backups. Host-level backups are run against a virtualization host as a whole and protect both the virtual machines and the hypervisor. One reason why this type of backup is so important is because there are critical virtual machine components that do not get backed up if you simply perform backups of individual virtual machines (at the guest level).
Guest-level backups occur inside an individual virtual machine. When you perform this type of backup, the backup software cannot see the underlying virtualization components. One side effect to this is that any snapshots that might exist for the virtual machine are not backed up. This problem can be avoided by simply backing up the host server as a whole.
Manually rebuilding virtual machines is a bad thing
Another element that can be lost if you are only backing up your virtual machines at the guest level is the virtual machine configuration. The virtual machine configuration refers to the physical hardware that is allocated to the virtual machine. This includes things such as CPU cores, memory and network adapters.
On the surface it probably does not seem like a big deal to lose the virtual machine configuration. After all, a virtual machine's configuration can be rebuilt in a matter of a couple of minutes (assuming that you know how the virtual machine is supposed to be configured).
The loss of the virtual machine configuration is most problematic with regard to the virtual machine's operating system. Suppose for a moment that you manually created a virtual machine, assigned to the virtual machine the proper configuration, and then performed a full restoration of that virtual machine. If the virtual machine was running Windows Server, then the Windows operating system will most likely detect a hardware change. This hardware change isn't usually significant enough to prevent Windows from operating correctly, but it usually will require Windows to be reactivated. This can be a problem unless you have a volume license key, because each Windows product key can be used for a very limited number of activations. If the virtual machine has already been reactivated more than once, you might find yourself in a situation in which you are unable to activate Windows.
Clusters need protection, too
Another reason why it is so important to protect the virtualization infrastructure is because failover clusters depend on cluster-level configuration data. Each node in the failover cluster maintains its own copy of the cluster configuration data, so there is theoretically little chance of the cluster configuration data being lost. However, the cluster configuration data can be inadvertently modified or corrupted. If this happens, the corrupted or modified data can be propagated to all of the other nodes in the cluster, which, depending upon the nature of the modification, can cause the cluster as a whole to fail. The best way to protect against this type of failure is to make regular backups of your failover cluster nodes.
There are a number of different reasons why it is important to protect your virtualization infrastructure. Ultimately, an organization's virtual machines are what really needs to be protected, but the virtual machines depend on the underlying virtualization infrastructure, and that infrastructure needs to be protected in order to ensure ongoing functionality.
About the author: Brien M. Posey, MCSE, has received Microsoft's MVP award for Exchange Server, Windows Server and Internet Information Server. Brien has served as CIO for a nationwide chain of hospitals and has been responsible for the Department of Information Management at Fort Knox. You can visit Brien's personal website at www.brienposey.com.