So you’ve helped a customer virtualize their physical servers into virtual machines (VMs) and their environment
is running smoothly, but what’s your vSphere backup plan?
Chances are VMs are being backed up the exact same way as physical machines, with backup agents installed on the guest operating system (OS). This traditional physical server backup method works OK with VMs, but is less efficient and can cause performance problems in your customers’ virtual environments.
The performance issues with VM backup stem from the fact that the backup server is no longer directly connected to the target server’s OS, and it must traverse through the virtualization layer to get to the guest OS on a VM. This process has become inefficient as the backup server can no longer copy data directly, instead it must go through the host to get there.
Compounding the inefficiency problems is the excessive resource usage on a host. Backups are a resource-intensive operation and in addition to causing heavy network disk I/O on the target server, CPU and memory resources are utilized as well. In a traditional physical server environment, this typically only affects the target server that is being backed up. The big difference with virtualization backup lies with a host sharing a limited set of physical resources among many VMs, which means the heavy resource usage during backup results in less available resources for the other VMs on a host. This problem is exacerbated by multiple VMs being backed up simultaneously, which can cause resource bottlenecks and eventually severe performance degradation.
Solution providers can avoid these pitfalls by having their customers change their post-virtualization backup processes. Instead of backing up files through an OS backup agent (file-level), they need to back up the large VM’s virtual disk (vmdk) file at the virtualization layer, which is referred to as an image-level backup. A VM’s virtual disk resides on a storage datastore that is accessible at the virtualization layer. As opposed to going into the guest OS to get to that virtual disk, it’s much more efficient to access it directly without involving the guest OS. The backup server can now mount a VM’s virtual disk directly and copy it to a destination target that consumes minimal or no resources on the host.
Achieving image-level backup
Performing vSphere backups at the image level requires backup software that can integrate directly with the virtualization layer. VMware developed its vStorage APIs to allow applications to interface directly with storage at the virtualization layer. Most traditional backup applications such as Symantec’s NetBackup and Backup Exec have been updated over the years to support virtualization and image-level backups. A new breed of backup applications was also created to back up VMs such as Veeam Backup and Recovery and Quest vRanger Pro. VMware offers an application called VMware Data Recovery (VDR) that is included in all vSphere editions except for the entry-level Essentials edition. These backup applications can only back up VMs (no physical servers) and are designed to write only to target disk repositories (no tape).
Most of the backup applications that support virtualization use advanced techniques to back up VMs as efficiently as possible. Because image-level backups are performed outside the guest OS at the block level, techniques such as data deduplication and zero-block detection are used to reduce the amount of data that is backed up. Additionally, features such as Changed Block Tracking (CBT) that are part of the vStorage APIs for Data Protection can track all disk blocks on a VM that have changed from a point in time. CBT can greatly reduce the amount of time it takes to perform incremental backups because backup applications can simple query the VMkernel to find out what has changed since the last backup instead of trying to figure it out on their own.
More vSphere backup alternatives
By encapsulating a VM into a single virtual disk file, virtualization also enables some alternative methods for simple VM backups. A VM snapshot should never be used alone as a backup solution, but they are an enabler for image-level backups. A VM snapshot freezes a VM’s disk so it is read-only and can safely be copied while writes are put into a special delta file. Backup applications use VM snapshots before they perform an image-level backup and they delete the snapshot after the backup has completed.
The virtualization architecture also allows some alternate methods, aside from standard backup applications, to be used to back up VMs. These methods can be used for regular or ad-hoc backups. One method is using a script that makes a copy of a vmdk onto a target disk storage device. The disk target can be a Common Internet File System (CIFS) or Network File System (NFS) share or you can make use of local disk on your hosts to make backup copies of your VMs on shared storage. Scripts can also be scheduled to run on a regular basis; this can also be used to copy a VM to an alternate DR location.
Another vSphere backup method is to use the vCenter Server cloning feature to create a complete VM copy on another host or datastore. You can also export a VM that uses vCenter Converter (built into vCenter Server) to create another VM on a host or on a network share. Both cloning and exporting in vCenter Server can be set up as scheduled tasks that run on a regular basis. VARs should note that the free vCenter Converter standalone edition can also be used to export VMs but it cannot be scheduled.
Some additional techniques for creating ad-hoc VM backups, which can be handy before upgrades are performed, are tools such as Secure Copy (SCP), vmkfstools or the Datastore Browser that is built into the vSphere Client. SCP is a command line utility built into the ESX/ESXi console. You can also use Client SCP utilities like Veeam’s free FastSCP. Vmkfstools is another console command line utility that allows you to clone virtual disk files. Finally, the Datastore Browser in the vSphere Client allows you to download VM files from a host to copy virtual disk files and download them to a workstation. Before using any of these utilities, make sure you snapshot the VM to release the exclusive lock on the disk so it can be copied.
Taking advantage of vSphere backup applications that recognize and utilize the virtualization architecture will greatly improve your customer’s backup efficiency. You have multiple options to choose from for your customer’s VM backup, but make sure the option you choose works at the virtualization layer and not inside the guest OS. If you continue to let them back up their VMs using traditional physical server methods, you are doing your customers a disservice.
About the expert
Eric Siebert is a 25-year IT veteran whose primary focus is VMware virtualization and Windows server administration. He is one of the 300 vExperts named by VMware Inc. for 2009. He is the author of the book VI3 Implementation and Administration and a frequent TechTarget contributor. In addition, he maintains vSphere-land.com, a VMware information site.