Let’s face it, we’re not very good at backups. It’s nothing to be ashamed about. Few organisations could one hundred percent put their hands on their hearts and say, “Yup, we’ve got it covered!” And as my esteemed colleague Tony Lock likes to point out, even places that think they have backups taped (if you’ll excuse the pun) …
1 year on
We've been steadily virtualising for almost 12 months now and so far have chosen to backup our VMs as if they were physical servers. The reasoning being that snapshotting can cause issues when attempting to convert or migrate VMs and the VHD files are, in our opinion too dynamic to risk backing them up along with the host. We also know that our VMs are always-on as they're all production servers.
Fortunately we're able to mitigate bottlenecks with the use of RAID and addidtional NICs on the hosts, that said as we've recently overhauled the backup appliance itself it's difficult to accurately idenfity potential issues yet.
What I'd like to see is the hypervisor management tools such a Virtual Machine Manager incorporating some form of backup functionality, afterall these solutions are soley designed to centrally manage the virtual estate and include the ability to store VMs in a SQL database for rapid deployment and an extension of that software to at least faciltate better backup solutions could be the answer.
Whatever you do
you must test the integrity of the backup.
Backups are only useful if you *know* you can restore from them. Until you have proved that, they're just a waste of storage and a bigger waste of time. The nice thing about virtualisation is that it's so easy to snap your metaphorical fingers and bring a new instance into existence to restore onto. That makes verifying your backups very easy (provided you don't make the beginner's mistake of duplicating the IP address of the backed up VM on your network!). If only more people would do this last, final but oh so critical step there'd be a lot less downtime and maybe fewer vacancies, too.
That reminds me.
After a series of unpleasant backup / recovery moments, I was invited to a service review meeting to which representitives of the backup team were also invited. They proudly announced that due to their diligent and Herculean efforts they'd managed to raise backup success to 96%.
As several of their high-profile failures had dumped on me, I decided to take my revenge* by innocently asking how many of those "successful" backups could actually be restored. They finally admitted, after many attempts to waffle around the issue, that testing such was, er, on the to-do list.
They were the offal in the sharkpool of service management.
*Ice-cold it was too. Yummy.
Personally, I trust my VM backups more than my tape ones. I've been using Esxpress for nearly 3 years and love it. The latest version, imho, has settled to the point where i'm happy to deploy it in production globally. Dedupe of backups currently gives me 20:1 ratio, I replicate my VMs to a few spare servers in another datacentre so I have warm site for very little cost and having both VM and file-level backups in one is very handy.
Before cloning of live VMs came in, I used the restore to deploy copies of VMs for testing, so at one point I was restoring VMs at least once a week - I've never had a bad restore so far.
I understand the concern in backing up live VMs and I've only needed to do it on some VMs, but you can run scripts on-snapshot if you need to stop a process/application for a time.
Not saying it fits for everyone, but it ticks everything I need in a backup.
VMware guest/image backup
Full disclosure: I am an EMC employee.
Having said that, I have written extensively about the issues around guest level backups vs. VCB and vSphere 4.0 image level backups here: http://thebackupblog.typepad.com/thebackupblog/2009/12/vmware-backup-with-avamar-50-and-vsphere-40.html There are 3-4 posts that follow this all on the same subject.
Reader's digest version? You can't easily get application consistent image level backups, so you are better off doing guest level backups.
Bane of my existance.
Data Protection Manager - job done, physical & virtual servers.
DPM is fantastic!
...and I want it so very badly. Sadly, this requires that mythical substance known as "money." This is something you can not pry out of the hands of the copper-counters with a plasma rifle.
No matter the business case, they seem unable to pay for any form of software based on the concept "it saves [individual] time." (The way they work things here is that you get paid a salary, no overtime, are on call 24/7, pay for you own support cell, and are expected to do everything on as shoestring a budget as is possible.) If the copper counters are made aware of any purchase, you are constantly being asked "is this purchase absolutely necessary, or can we do without it." This is a fair enough concept, but runs into some conceptual walls with certain people. For example: it is fairly easy to get funding to replace a component that has failed in a system…the system won’t work without that component replaced, thus the need is clear and immediate.
I have had hours-long meetings trying to explain why we keep a small supply of “spares” around. “This is a spare disk. We pop it in system X, RMA the bad drive, and the bad drive is now the new spare.” The concept that these are not destined for any particular system, (and indeed will be unlikely to end up in any particular system,) is completely beyond them. We even had a period where we would have to ship back entire 3U servers to RMA a single bad hard drive. [Insert facepalm] (This, entirely because the copper-counters needed some arcane voodoo to work out on their papers.)
The copper-counters don’t mind paying for hardware, because it tangible. They don’t mind paying a licence for, say, a copy of Photoshop, or an operating system, because they can mentally associate “this product is used by that person for this task.” Things get fuzzier around the idea of CALs, and when you wade into the realm of “software that runs automatically and/or in the background” you’re deep into ‘never gonna happen” land. If they don’t understand exactly how it works, and why it is needed there is no way you’ll get the money. They certainly aren’t going to give me any software worth more than the hardware it runs on.
No DPM, no VMWare management suite, no VMotion…nothing. I am a kept man. :(
AC so nobody can prove anything!
Check out this firm
Full tapeless backups of 40 platforms, unified infrastructure, scalable, no per-server licenses or agents to buy (sold by capacity only), runs a hardened Linux system, and it;s FAST. Fully support VMWare backups and restores, including P2V and V2P recovery across dissimmilar hardware (not all OS platforms).
I worked for them for a few years. Since I've left, I still have not found a better product. I wouldn't call it "Enterprise Class" as in, backing up more than a few hundred servers with their infrastructure would be a hell of a lot of work and therte are better mass-scale systems for that, but for 1-500 servers, nothing is better that I've found.
btw: i got laid off by them, so I have no real love for the company, and I certainly have no benefit from supporting their product, but they have great people and an absolutely incredible product. (and it's about half the price of anything EMC or Symantc are offering, especially when you get into lots of small servers vs a few big ones).