vmware backup: top 10 best practices...nakivo backup & replication delivers backup and recovery...
TRANSCRIPT
VMware Backup: Top 10 Best Practices
with NAKIVO Backup & Replication
White Paper
White Paper
2
Executive SummaryVMware delivers powerful virtualization software for creating and managing a virtual infrastructure. By simulating hardware functionality and creating a virtual computer system consisting of virtual machines (VMs), VMware vSphere offers businesses greater operational flexibility, reduced overhead and simplified administration.
When it comes to protecting VMware environments, businesses look for backup and recovery software that are just as agile and efficient as their virtualization software. To help businesses back up and recover vCenter-managed and standalone ESXi workloads in their VMware vSphere environments, this whitepaper lays out the best practices for protecting VMware VMs with NAKIVO Backup & Replication. The 10 VMware backup best practices cover the three phases of the data protection process: Data Protection Strategy and Planning, Optimizing the Backup Process and Improving Data Protection Efficiency.
Phase I: Data Protection Strategy and PlanningBy formulating a robust data protection strategy, a business sets expectations, improves accountability and establishes uniformity. A data protection strategy defines concrete standards and objectives for data backup and recovery. It also makes it easier to communicate IT budgeting needs by establishing a link between infrastructure capacity and data protection metrics.
Phase I best practices:1. Use the latest versions of VMware vSphere and NAKIVO Backup & Replication.2. Design your data protection strategy to match business needs.3. Assess your ability to meet objectives in terms of resources and personnel.4. Secure your backup environment.
Phase II: Optimizing the Backup ProcessImplementing a data protection strategy should not compromise operational efficiency or hog all of a business’s resources. To avoid putting a strain on storage requirements or network bandwidth, NAKIVO Backup & Replication includes a suite of features designed to enhance VMware backups and improve results for businesses. It is critical that you understand how they work and how to use them.
Phase II best practices:5. Minimize the size of VMware backups.6. Leverage application-aware backups.7. Verify VM recoverability.
White Paper
3
IntroductionNAKIVO Backup & Replication delivers backup and recovery functionality designed specifically for VMware vSphere environments. The data protection software leverages native VMware tools and offers other tools to simplify administration, streamline processes and optimize performance. With two-minute installation and configuration and no special technical training required, you can begin protecting VMware VMs nearly instantly. However, to ensure the optimal use of your resources and the recoverability of your data with NAKIVO Backup & Replication, follow NAKIVO’s 10 best practices in VMware data protection. These best practices are designed to address both the technical aspects of VM backup and recovery, such as network load management, and strategic aspects, such as defining recovery metrics and auditing backup procedures. They cover the three phases of the data protection process. They aim to clarify how specific activities contribute to the larger objectives of data resiliency, high availability/low downtime and cost reduction.
Data Protection Strategy and PlanningThe best way to ensure your VMware vSphere environment is protected is by formulating a data protection strategy. While the process may initially appear daunting, it can be completed in four simple steps. First, ensure you are using the latest versions of VMware vSphere and of NAKIVO Backup & Replication. Second, define RTOs and RPOs based on the business’s needs. Third, assess whether you can meet the RTOs and RPOs based on existing bandwidth and storage capacity, VMware backup software and processing power. Fourth, ensure that both the backups themselves and the backup solution are secure.
1. Use the latest versions of NAKIVO Backup & Replication and VMware vSphere.Before getting into the details of strategy and planning, make sure that you are using the most up-to-date versions of VMware vSphere and NAKIVO Backup & Replication. New versions of VMware vSphere come with advanced features to simplify management of your
Phase III: Improving Data Protection EfficiencyLike a business environment, an IT infrastructure is not static. To maximize efficiency, you should continually look for ways to reduce complexity, improve recovery times and verify that established processes are still the best fit for your current situation.
Phase III best practices:8. Perform the most efficient type of recovery.9. Automate data protection.10. Adjust to changing circumstances.
White Paper
4
virtual infrastructure, improve performance and increase security. NAKIVO regularly releases new NAKIVO Backup & Replication features that include new backup destinations, expanded recovery options and advanced administration and management tools.
If an update is available for NAKIVO Backup & Replication, the Notifications button will appear on the left navigation bar of the NAKIVO Backup & Replication dashboard. You can choose to download and update at once or schedule for it to be performed at a later time.
2. Design your data protection strategy to match business needs.For the vast majority of businesses, every department – from core operations to HR and accounting – relies on data and application availability. Yet, in the same way that different business units have varying levels of importance for a business, data and applications have varying levels of criticality. As a result, businesses should trace which departments are most important to business operations and which applications and data they rely on. Once you have a clear understanding of how business operations depend on different applications and datastores, you can divide the applications and datastores into priority levels. For each priority level, you should create expected recovery times and amount of data that can be lost. This step helps establish predictability and accountability. The most relevant metrics are:• Recovery Time Objective (RTO) – refers to the time it takes to resume operations after a
disruption. An RTO signifies the maximum amount of downtime a business can afford as an acceptable risk.
• Recovery Point Objective (RPO) – refers to the maximum amount of data that a business can afford to lose as an acceptable risk. An RPO will determine how often backups are performed.
3. Assess your ability to meet objectives in terms of resources and personnel. It is not enough to simply define tight recovery metrics and expect results. The effectiveness of VMware backup and recovery is a direct function of the IT infrastructure: storage capacity, network bandwidth, CPU power and IT personnel. As a result, businesses need to clearly understand how much of these resources can be devoted to backup and recovery in normal circumstances, operational recovery scenarios and disaster recovery scenarios.
Once you have mapped your infrastructure and capacity limits, you can plot out whether you can meet your recovery metrics. If the metrics are too ambitious, you should recalibrate the metrics to an achievable level. Alternatively, if tight metrics are a strategic priority for the business, you should seek the budgeting necessary to meet the goal.
4. Secure your backup environment.Your entire backup environment is a target for malicious, unauthorized access and activity. To remain secure, you need to protect both your VMware backup software as well as the VMware backups themselves. Your VMware backup and recovery solution presents a vulnerability because an attacker can prevent you from accessing your backups or an insider threat can use access to delete backups, resulting in costly data loss.
White Paper
5
To ensure that your data is safe and recoverable whatever the scenario, create a copy of your VMware backups and store them offsite. Ideally your VMware backup solution would allow you to create backup copies directly from backups without interfering with source ESXi hosts or VMs. You should also be able to send these copies offsite to a public cloud storage service like Amazon S3, Microsoft Azure and Wasabi Hot Cloud Storage.
To create a backup copy, click Create on the Dashboard and then Backup copy job. The New Backup Copy Job Wizard opens. On the Backups page, choose one of the three inventory views to create your backup copy job. For example, with the Jobs & Groups view, you can choose to create copies of existing backup jobs and groups.
To protect your backups against unauthorized access, use the role-based access control feature in NAKIVO Backup & Replication. It allows you to limit which users have access to specific data protection activities. You can also protect against this threat by enabling military-grade AES 256-bit encryption both for in-flight and at-rest data.
To apply role-based access control in NAKIVO Backup & Replication, click Settings in the left pane of the dashboard, go to the General page and click Users & Roles. Here you can add, manage and delete users. You can then assign roles and grant them specific permission to perform their tasks.
White Paper
6
Optimizing the Backup ProcessOnce you have developed your data protection strategy and secured your VMware backups, the next phase is to focus on the backup process itself. As an advanced VMware backup and recovery solution, NAKIVO Backup & Replication offers many features to increase the effectiveness and efficiency of backups. You should understand how these features benefit your business and how to employ them. This whitepaper focuses on the three most useful features: backup size reduction techniques, application-aware backups and VM verification. With these tools, you can ensure that backups are:• as small as possible, translating into lower storage costs• transactionally consistent for faster recoveries• fully recoverable
It is also important to note that NAKIVO Backup & Replication also supports backup for VMware fault-tolerant VMs.
5. Minimize the size of VMware backups.The larger the size of backups, the more storage space you need for them. The easiest way to lower storage requirements is to reduce the size of backups. By lowering your storage requirements, you can optimize existing hardware, resulting in lower CapEx (capital expenditure), and reduce monthly payments for cloud storage, resulting in lower OpEx (operating expense). The most common ways to reduce backup sizes are:• Deduplication• Compression• Incremental backups • Swap data and unused block exclusion• Log truncation
Backup deduplication reduces the size of backups by excluding duplicate data blocks from the backup. VMware VMs most often contain duplicates of data, such as VMs deployed from the same template, VMs with the same OS, and VMs that have some (semi)identical files, such as database entries. Block-level data deduplication enables you to reduce backup size by copying only unique data blocks to while replacing duplicated blocks with references to existing ones.
NAKIVO Backup & Replication automatically deduplicates all backups across an entire Backup Repository. This means that all data blocks, whatever the source, are taken into account by backup deduplication.
Compression further reduces backups by re-coding backups to consume less space. You can leverage deduplication and compression by editing the settings of a Backup Repository. To do this, click Settings in the left pane of the Dashboard and go to the Repository tab.
White Paper
7
Incremental backups work by only transferring data blocks that have changed since the last backup. When you choose incremental backups in NAKIVO Backup & Replication for vSphere, the software relies on VMware Changed Block Tracking technology to back up the new data. Swap data and unused block exclusion and log truncation deliver space savings by avoiding unnecessary data.
NAKIVO Backup & Replication customers can reduce the size of backups by selecting the techniques in the Options step of the New Backup Job Wizard for VMware vSphere. This gives you the flexibility to choose the perfect balance between size reduction and backup speed.
White Paper
8
6. Leverage application-aware backups.For business backing up VMware VMs that have databases and applications on them, it is important to perform application-aware VMware backups for maintaining transactional consistency. This ensures that when you perform a recovery, the databases and applications are up-to-date and ready to use. If you fail to perform an application-aware backup, then the backups will be crash-consistent, which means that they may not include portions of data and transactions kept in the memory.
With NAKIVO Backup & Replication, you can make VMware backups application-aware by selecting Enabled (proceed on error) or Enabled (fail on error) from the dropdown menu during in the Options step of the New Backup Job Wizard for VMware vSphere.
7. Verify VM recoverability.The worst time to discover that a VMware backup is not recoverable is immediately after a data loss event. The entire objective of backups is to protect you from exactly that eventuality – data loss. The best way to protect yourself from this situation is to verify that a VM backup is recoverable right after a backup (recovery point) has been created. VM verification is the process of checking that a VM is recoverable after a backup job is completed.
White Paper
9
You can set NAKIVO Backup & Replication to automatically verify VM recoverability by selecting your preferred method of verification in the Options step of the New Backup Job Wizard for VMware vSphere. NAKIVO Backup & Replication offers two methods of Instant Verification: Screenshot Verification and Boot Verification. With Screenshot Verification, NAKIVO Backup & Replication starts the VMware VM from the backup and takes a screenshot of the VM screen. With Boot Verification, NAKIVO Backup & Replication starts the VMware VM and checks whether the VMware tools are running. With either method, you can confirm the VM is recoverable by choosing to receive an email notification or checking the status on the web dashboard.
Improving Data Protection EfficiencyBy creating a data protection strategy and optimizing the backup process, you boost the effectiveness of your data protection activities. The next phase to target is the efficiency of your data protection activities. The objective here is threefold:• Ensuring quicker recoveries and shorter downtime by performing the most time-effective
type of recovery• Lowering administrative overhead by automating data protection activities• Optimizing resource usage and avoiding recovery gaps by adjusting to changing circumstancesNAKIVO Backup & Replication provides a range of features designed to achieve these objectives, but you need to understand the best practices that guide their use.
White Paper
10
8. Perform the most efficient type of recovery.The key to meeting tight RTOs is making sure that you perform the most efficient recovery for each scenario.
A full VM recovery is best used when you need to recover an entire machine. The most common use case for a full VM recovery is avoiding downtime after a VM has been deleted or a machine has failed or become corrupted. Granular recoveries, which refer to restoring files and objects instead of full VMs, are best used when a coworker has deleted or lost a specific item.
Physical-to-virtual recoveries refer to a physical machine backup restored to a VMware VM. P2V recoveries are most effective when your business has a hybrid environment using both physical machines and VMware VMs. There are two types of P2V recoveries in NAKIVO Backup & Replication: instant and full. Generally speaking, P2V recoveries share the same use cases:• Recover in the event of a physical machine failure• Create safe environments for testing and development• Perform physical-to-virtual migrations
There is a key difference between instant P2V recoveries and full recoveries. During an instant P2V recovery, the backup disks are mounted and exposed, which means they are perfect for quick deployment. Full P2V recoveries, on the other hand, create VMs that are ready for long-term use in a production environment. You can perform any of these recovery types by clicking the Recover icon on the Dashboard.
White Paper
11
9. Automate data protection.For businesses that manually perform backups, data protection is a time-intensive activity that pulls IT personnel away from other tasks. Furthermore, any slight oversight or mistake can have significant consequences. Therefore, automating data protection activities not only saves time, allowing IT personnel to allocate resources toward other core business projects, but also reduces the chance for mistakes to occur, thereby lowering a business’s risk profile. To automate your data protection with NAKIVO Backup & Replication, use the combination of policies, scheduling and job chaining that best fits your VMware vSphere infrastructure. Policies allow you to perform backups for entire groups of VMs based on preferred parameters, such as name, tag, size, and so on. If you make a change to a VM, NAKIVO Backup & Replication automatically recognizes the change and adds or removes the VM from a backup job in accordance with your policies. To create a policy, go to the Policy view of the Source step of the New Backup Wizard for VMware vSphere. You can then select multiple rules for your policy.
White Paper
12
Scheduling, which can be combined with policies, allows you to set routine backups to run on your preferred timetable. You can have VMware backups to run according to preset options, for example, daily or weekly, or create a custom schedule. To set a schedule, go to the Schedule step in the New Backup Wizard for VMware vSphere.
Job Chaining allows you to combine separate data protection activities into a single integrated workflow. A common use case, for example, is to chain a VMware backup job with a backup copy job. This allows you to create a backup and send backup copies to other storage devices without needing to constantly monitor when the backup job completes. You can chain jobs by going to the Schedule step in the New Backup Wizard for VMware vSphere and selecting Run after another job in the dropdown menu.
10. Adjust to changing circumstances.Situations evolve fast in both the business and IT worlds, which means that just because your backup strategy and practices were sufficient, does not mean that they are or will be
White Paper
13
sufficient. Efficient backup administration requires you to stay ahead of potential issues by proactively addressing changes at the micro- and macro-levels. At the micro-level, you have several tools to increase backup speeds and regulate network bandwidth availability in your network. NAKIVO Backup & Replication uses LAN-free storage access modes, Direct SAN access mode or HotAdd, for VMware backup jobs. By dividing production and backup data streams, the software increases backup speed and lowers the load on your network.
Network Acceleration can also help shorten backup windows and reduce network load when performing backups over WAN or in busy LAN environments. With Advanced Bandwidth Throttling, you can set limits on how much bandwidth backup jobs use. This means that you can perform backups during office hours without interfering with core business operations. If business operations suddenly need more or less bandwidth, you can adapt by changing the limit at any time. Network Acceleration is enabled in the Options step of the New Backup Wizard for VMware vSphere.
White Paper
14
To use Advanced Bandwidth Throttling, click Settings in the left pane of the main dashboard and then Bandwidth Throttling on the General page. You can throttle all your jobs with a Global rule or a specific job with a Per Job rule. Once you have created a throttling rule, you can also apply it to a specific job at the bottom of the page in the Options step of the New Backup Job Wizard for VMware vSphere.
HotAdd for VMware allows NAKIVO Backup & Replication to bypass the host’s TCP/IP stack, which improves VM backup and replication speed and reduces the load on the network. Direct SAN access, which significantly increases the speed of backup and replication while decreasing the load on your production network, is possible if the VMware VM is located on a Fibre Channel or storage area network (SAN).
You can apply HotAdd or direct SAN access for VMware backup jobs in the Options step of the New Backup Job Wizard for VMware vSphere. Click the dropdown menu for Transport Mode and select your preferred mode.
White Paper
15
At the macro-level, you need to regularly make sure that your data protection activities continue to protect your environment. The best way to ensure this is to audit your practices. One way to do this is to perform test recoveries to make sure that you are still able to meet previously set RTOs and RPOs. If you have the time, the best way to do this is to simulate different scenarios in which there are varying levels of available network bandwidth, CPU resources and urgency. Another way to audit your data protection practices is to check your VMware backups to make sure that all the data you think you are protecting is actually protected. Performing audits is time-consuming but doing so ensures that any protection gaps are discovered before it’s too late. This in itself can translate to significant cost savings.
ConclusionData loss caused by hardware failures, natural disasters, malware attacks, human error and other events will always be a threat to businesses. However, by combining VMware vSphere with NAKIVO Backup & Replication, you can mitigate the financial, operational and reputational costs of data loss without breaking the bank on IT costs. NAKIVO Backup & Replication offers all the tools you need to ensure recoverability, lower costs and reduce complexity right out of the box. But, if you want to take your protection to the next level by achieving higher efficiency and effectiveness, employ the VMware backup best practices suggested here and stay up to date with the latest news from NAKIVO Backup & Replication.
White Paper
16
Comprehensive Data Protection with NAKIVO Backup & ReplicationNAKIVO Backup & Replication is a fast, reliable and affordable solution that delivers backup, replication, instant granular recovery and disaster recovery from a single pane of glass.
The product protects virtual, physical, cloud and SaaS environments. NAKIVO Backup & Replication offers advanced features that increase backup performance, improve reliability and speed up recovery.
Deploy in under 1 minute Pre-configured VMware VA, Nutanix AHV and Amazon Machine Image; 1-click deployment on ASUSTOR, QNAP, Synology, NETGEAR, FreeNAS and WD NAS; 1-click Windows installer, 1-command Linux installer.
Streamline data protectionAutomatically protect machines matching policy rules, which can be based on machine name, tag, size, location, and so on.
Reduce backup sizeIncremental backups with CBT/RCT/CRT, LAN-free data transfer, network acceleration; up to 2x performance boost when installed on NAS.
Ensure recoverability Instant backup verification with screenshots of test-recovered VMs; backup copies offsite, to tape or Amazon S3, Amazon EC2, Wasabi or Microsoft Azure.
Protect Data Across PlatformsNative, agentless, image-based, application-aware backup for VMware, Hyper-V, Amazon EC2, Nutanix AHV; Windows/Linux physical servers and workstations; Microsoft 365 data; Oracle Database.
Increase backup speedExclusion of swap files and partitions, global backup deduplication, adjustable backup compression.
Decrease recovery timeInstant recovery of VMs, files, and application objects (Exchange, Active Directory and SQL); Site Recovery; instant and full P2V recovery.
Simplify managementSimple, fast, easy-to-use web interface, accessible anytime and anywhere – even from a mobile device.
About NAKIVONAKIVO is a US-based corporation dedicated to delivering the ultimate backup and site recovery solution. With 20 consecutive quarters of double-digit growth, 5-star online community reviews, 98% customer satisfaction with support, and more than 15,000 paid customers worldwide, NAKIVO provides an unprecedented level of protection for virtual, physical, cloud and SaaS environments. As one of the fastest-growing data protection software vendors in the industry, NAKIVO provides a data protection solution for major companies such as Coca-Cola, Honda, and SpaceX, in addition to working with over 5,000 channel partners in 140 countries. Learn more at www.nakivo.com.