6 Battle-Tested Practices to Avoid Data Loss

VM Backups: 6 Battle-Tested Practices to Avoid Data Loss

Greg Shields Microsoft MVP and VMware vExpert

2


IntroductionThe need for data protection has existed since the first IT department began delivering business services. This need will never change.

What are the strategies you use to protect your data? That shift in strategies has grown even more important with the widespread embrace of server virtualization. Backup and restore solutions that worked with reasonable efficacy in physical environments are in many cases, ill-suited to accommodate the unique aspects of this new “virtual world”.

Avoiding the pitfalls of using the wrong backup solution for your data protection needs requires a two-fold approach. First, data protection policies and procedures must be put into place and need to align with today’s more-stringent business requirements. Second, your selected backup approach — also known as the chosen “solution” — must be designed for the virtual environment you have today, but must also support the changing environment you will continue to have. That same approach and solution must further support the changing environment you will have into the medium-term future.

What follows are a series of suggestions — a CIO’s Guide if you will — to mapping your business requirements to the strategies in data protection now seen in the IT marketplace.

3


Data Protection PlanningEvery business needs to protect its data, but how and to what degree? The answer starts with the business drivers that created the need for the applications and data in the first place. It is safe to assume that applications are deployed to meet specific business needs, and these needs will differ in their relative importance. For example, a 24x7 customer service application will need greater protection than a developer’s sandbox. Additionally, service Level Agreements should specify expectations for the varying degrees of data protection that should include Recovery Point Objectives and Recovery Time Objectives. An RPO defines the amount of data that is permitted to be lost in terms of time. Nightly backups meet a 24-hour RPO, but are insufficient for narrower time frames. RTOs define the window of time allowed to recover data or a service in the event of a failure. For example, your staff may be able to function without a document management system for several hours, but it’s the minutes, however, that matter when the failed service directly affects a customer-facing website. Business services with near-continuous operational requirements demand high-availability solutions in addition to backups.Today’s backups are needed in an ever-growing range of scenarios: at one extreme are requirements in the event data or an application requires restoration and at the other extreme, is the disaster recovery situation where an entire data center requires resurrection. In the physical world, resolving these situations has in many ways grown mundane. When someone accidentally deletes a file or corrupts a database record, the resulting data can be extracted from an earlier backup and restored without disruption. Even in the disaster recovery situation, where multiple services are disabled or degraded at once, can now be protected with the right combination of product and planning. Too often forgotten, however, are the requirements for documented plans in the excitement of bringing new solutions online. In order to meet the full range of backup scenarios, data protection procedures must include support at the server, file, and application level.It is no surprise then that with the growth in complexity of IT applications and infrastructures, so grows the complexity of backups. Lacking a solution that fits, a physical server failure might only be resolved when a replacement of similar configuration is available. Restoring application objects requires solutions that recognize application-specific procedures, and these procedures — whether automated or manual — are required to maintain data dependencies, such as restoring database records to multiple tables and updating indexes to reflect the change. And as an executive, the tactics used by your teams must include support for the full range of possible backup and restore scenarios.

4


Regardless of whether you are protecting data in virtualized or non-virtualized environments, an evolving set of best practices exist for ensuring efficacy in data recovery. These include:• Establishing SLAs that quantitatively define RPO and RTO objectives.

The objectives will vary according to the importance of applications and data to the organization.

• Sticking to SLAs that should be service-centric, not server-centric, and absolutely not datacenter-centric. Different portions of your IT infrastructure are levied different priorities, and their data recovery requirements should reflect that prioritization.

• Ensuring your backup strategy accommodates application-specific backup requirements is crucial. Email systems, relational databases, and other data management systems require more complex restore operations than file restores. These applications may have their own built-in backup and restore functionality, which may or may not meet your needs. A solution of value will either work in concert with those built-in systems or replace them all together.

• Instituting prioritization for disaster recovery situations to ensure the order in which services are brought back on line is in line with your business needs. A mapping of service dependencies assists with generating this priority order.

• Considering (carefully) your Recovery Point Objectives for disaster recovery. And understand, they may not be the same as your backup requirements. For example, you may tolerate a 24-hour RPO for backing up financial data under the assumption that a certain quantity of data can be re-entered. In a disaster situation, physical records may be destroyed and experienced staff may be unavailable to restore lost transactions. In this scenario, you may want to mirror transactions to a fail-over system. This could also help in the event of an isolated data loss incident on the primary system as well.

• Determining if the business can tolerate degraded performance in a disaster recovery situation is another best practice for ensuring the effectiveness of your overall plan. Virtualized machines can operate with reduced resource allocations on disaster recovery servers. This enables disaster recovery hosts to run more VMs on a single physical server. Doing so enables you to deploy a DR datacenter with fewer physical resources, and lower cost over the long term. This may be an option for some services but not others, so it is recommended to assess this option on a service by service basis.

Virtualized environments offer advantages to non-virtualized environments with respect to data protection. Too often forgotten is the realization that those advantages are not automatic. They also require data protection solutions designed for the unique requirements of virtualization.

5


Specialized Backup Applications for Virtual EnvironmentsIn many ways, virtual machines function similarly to physical servers. They run standard operating systems and function (to users) with minimal differences than their physical counterparts. Nearly every enterprise application can run within a virtual environment. And most vendors have evolved their support agreements and updated code architectures to support virtual environment hosting, though not all. That said, an evolved enterprise application does not necessarily mean an enterprise application with evolved data protection support. While system administrators and application users can ignore most of the differences between virtual and physical servers, one cannot automatically assume the same in regard to how they’re backed up.

Conventional Backup Applications in Virtualized Environments: ChallengesUnlike backups from the past, today’s backups leverage a wide range of approaches for accomplishing the task. Backup and restore programs no longer function strictly within the operating system. In a typical non-virtualized environment, a backup agent runs on a physical server and executes backup operations for that particular server. The agent functions with a backup server that writes data to disk or tape.The same isn’t necessarily true in the virtualized environment. In principal, backup agents could continue to source backup data from the perspective of the virtual machine. Doing so accomplishes the task little different than in the non-virtualized scenario. Our industry is fast learning that this approach, however, does not work well for virtualized environments. On a virtualized server it is the hypervisor, not the guest operating system, which possesses the greatest visibility into how physical resources are being used. Thus, multiple backup agents running at the same time can have an adverse impact on performance. At first glance, one may be tempted to believe this problem can be avoided through careful scheduling of backups. While possible, virtual machines are not static in either their operation or their location inside the virtual environment. At any point, they may be automatically migrated from one physical server to another to optimize the use of available physical resources. As a result, it is naïve to assume one can know the mix of VMs to their physical servers at any point in time. That’s not good for any kind of manual scheduling function.

6


Virtualization-Aware Backup Software: OpportunitiesIn fact, the IT industry has come to realize that the entire notion of scheduling goes against the activities in virtual environments. And replacing this approach is eliminates the reliance on backup windows entirely. This new approach starts with an initial backup, and then focuses its efforts onto incrementally capturing what changed during periods of time. The result is a near-continuous level of protection, backing up data constantly at or near its moment of change.At a high level the process is remarkably simple. The data that constitutes a virtual machine is contained within a small number of very large virtual disk files. These disk files are in many ways, no different than the very large database files used by common enterprise applications like Active Directory, Exchange, SQL, or Oracle. During an initial backup operation, the VM is halted for an extremely short period of time using a process known as quiescence. This creates a data file that ensures a consistent data state within the virtual machine. With the state identified, the VM continues to run while a backup is performed on its data file. Changes that occur during the period of the backup are reintegrated with the VM once the backup is complete. With the right data protection software, this process is only necessary for a VM’s initial backup. Such software can then begin collecting an index of changed data blocks. Smaller in size than the original backup, these blocks then become the subsequent unit of backup and only those blocks which have changed actually require backing up. Due to their extremely small size, this activity can occur on nearly a real-time basis. The smart CIO recognizes this advantage towards narrowing their RPO window. If a physical server fails or a database becomes corrupted, restoring from practically any period in the past is now possible. By intelligently backing up only changed data, you can backup more frequently, and more frequent backups means a reduction in data loss which is important for ensuring the reliability of restores.

The CIO’s Data Protection ChecklistThe intelligent CIO also knows that products alone don’t create a business workflow. While products and solutions can help simplify resolving business requirements, they’re little more than software on disk if you don’t have the processes in place that integrates them with people and activities. Consider the following items as important for your data protection checklist. Each should be customized according to the value of the business operations supported, but understand that ALL are fundamentally important for protecting your business data.

• Identify individuals primarily responsible for backup activities. Ensure that they’re given quantitative measurements for identifying success.

• Choose backup solutions that meet business requirements, while leveraging the unique behaviors found within virtualized environments. Avoid gaps between requirements and those capabilities advertised by your chosen solution. Focus on virtualization-aware backup platforms to improve the efficiency of backup operations and the flexibility of restore operations.

7


• Look carefully at solutions that claim to eliminate the limitations associated with backup windows. Technologies that focus on changed blocks rather than files and folders as the unit of backup may offer the best solution for meeting this need.

• Ensure sufficient hardware exists in support of disaster recovery needs. Virtualization masks many kinds of architecture differences, allowing for more flexible deployment of virtual machines. Understand how differences in hardware at a disaster recovery site might impact disaster operations. A lack of investment for disaster recovery resources, such as storage and software features will cripple the ability to execute a DR plan of any scale.

• Seek products that offer “views” of backup data. These provide maximum flexibility in restoring data to a particular point in time. They further enable spinning up non-production replicas of production environments, to be used in automated testing, user-centric restores, single-step restores of in-VM data, and a host of other capabilities that go beyond simple data recovery needs.

• Pay special attention to automating the entire process of testing backup files. As VM backups are files themselves, views of their data can be automatically created, started, tested, and shut down when paired with the right solutions.

Your backups are important, in many ways as important as the servers they protect. Finding the right fit for backups in today’s physical and virtual environments means seeking solutions that meet every requirement. Finding that fit also means incorporating the right processes that integrate those solutions into your business operations.

8


About the AuthorGreg Shields, Microsoft MVP and VMware vExpert, is an independent author, speaker, and IT consultant, as well as a Partner and Principal Technologist with Concentrated Technology. With 15 years in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft OS, remote application, systems management, and virtualization

About Veeam Software

Veeam Software, an Elite VMware Technology Alliance Partner, develops innovative software to manage VMware vSphere®. Veeam vPower™ provides advanced Virtualization-Powered Data Protection™ and is the underlying technology in Veeam Backup & Replication™, the #1 virtualization backup solution. Veeam nworks extends enterprise monitoring to VMware and includes the nworks Management Pack™ for VMware management in Microsoft System Center and the nworks Smart Plug-in™ for VMware management in HP Operations Manager. Veeam ONE™ provides a single solution to optimize the performance, configuration and utilization of VMware environments and includes: Veeam Monitor™ for easy-to-deploy VMware monitoring; Veeam Reporter™ for VMware capacity planning, change management, and reporting and chargeback; and Veeam Business View™ for VMware business service management and categorization. Learn more about Veeam Software by visiting www.veeam.com.

About Concentrated Technology, LLCConcentrated Technology was founded by IT industry experts Don Jones and Greg Shields to provide concise, accurate education in business technology topics. The company writes to a range of audiences from the C-level to the trenches, with a focus on practical technology solutions for today’s business challenges. For more information, visit www.concentratedtech.com.

http://www.veeam.com

http://www.veeam.com/products.html

http://www.veeam.com/vmware-esx-backup.html

http://www.veeam.com/vmware-esx-backup/features.html

http://www.veeam.com/vmware-microsoft-esx-monitoring.html

http://www.veeam.com/vmware-esx-monitoring-hp-operations.html

http://www.veeam.com/vmware-esx-monitoring-hp-operations.html

http://www.veeam.com/one-vmware-management.html

http://www.veeam.com/vmware-esx-monitoring.html

http://www.veeam.com/vmware-esx-reporter.html

http://www.veeam.com/vmware-business-view.html

http://www.veeam.com/vmware-business-view.html

http://www.veeam.com/

Veeam Backup & Replication™Extending the lead in VM backup with these new capabilities:

Enterprise scalability: new distributed architecture streamlines deployment and maintenance of remote office/branch office (ROBO) and large installations.

Advanced replication: accelerates replication by 10x, streamlines failover, and provides real failback with delta sync.

Multi-hypervisor support: brings Veeam’s award-winning data protection to Microsoft Hyper-V and lets you protect all your VMs— VMware and Hyper-V— from one console.

and more!

v6NEW!

To learn more, visithttp://www.veeam.com/backup

GOLD

of the

2010ProductsYear