How I'm protecting vCenter in my environment
I'm on Reddit for both productive and unproductive reasons. Recently on the /r/VMware subreddit, there was a discussion asking redditors how they're protecting they're vCenter servers. This got me thinking about what I'm doing for my current vCenter server and what my options are going forward as my virtual infrastructure changes.
* According to Unitrends, VMware itself doesn't support backing up a vCenter appliance directly. It runs a vPostgres database that doesn't support application quiescence, meaning the in-memory pages of the database are not omitted and could result in a restored VM being corrupt. Also, during the snapshot process (which is what Unitrends UVB uses in it's backup procedure) the VM will fail to issue some commands from other hosts, which would cause any in-progress snapshot, disk consolidation or vMotion jobs to fail.
I'm in the midst of an upgrade as I write this post, so at the time I wrote the majority of this post, we're on the v5.5 Windows server with a local MSSQL database for both VUM and vCenter. Our VM-level backup solution (Unitrends) recommends not backing up your vCenter VM with UVB so we don't do VM-level backups against that server*. The situation they described is one I can only analogize as standing in the tree branch you're cutting.
* According to Unitrends, VMware itself doesn't support backing up a vCenter appliance directly. It runs a vPostgres database that doesn't support application quiescence, meaning the in-memory pages of the database are not omitted and could result in a restored VM being corrupt. Also, during the snapshot process (which is what Unitrends UVB uses in it's backup procedure) the VM will fail to issue some commands from other hosts, which would cause any in-progress snapshot, disk consolidation or vMotion jobs to fail.
The local SQL DBs are backed up via DPM (the System Center kind). I also have a PowerCLI script that clones a VM, renames it and creates an email report. However, I'm only using it for a few virtual appliances that only support their own slow backup/restore methods (I'm looking at you Cisco).
Moving forward, we're planning on migrating from the Windows vCenter server to the newer Linux-based VCSA which means the way I'm protecting my vCenter server currently won't work. My simplistic clone script will work but I want something more robust. A fellow Redditor mentioned vSphere Data Protection (vDP), which is VMware's own VM-level backup solution.
vDP is very cool and easy to setup. I won't go through everything about it, but rather this is just an introduction. The deployment and configuration of the vDP appliance could be a post in itself. As mentioned, the vDP is a small appliance you deploy into your environment, configure (give it networking and some storage) and create backup jobs with.
There's really not much more to it. Create a backup job for it (the VCSA) and understand how you can restore it. You can do an emergency restore by restoring the VCSA to the same host that has vDP on it. To do this, I recommend using DRS rules to keep the VCSA and the vDP appliance together and tied to a single host. That way, should vCenter go tits up, you can log directly into that host with the old fat client, disassociate that host and then log into the vDP appliance. There's a direct-to-host emergency restore method so you can restore the VCSA very easily to the same host where vDP resides.
I highly recommend checking out the vDP if you're looking for VM-level protection of your vCenter machine, Windows server, or appliance. You can check out VMware's own FAQ HERE.
vDP is very cool and easy to setup. I won't go through everything about it, but rather this is just an introduction. The deployment and configuration of the vDP appliance could be a post in itself. As mentioned, the vDP is a small appliance you deploy into your environment, configure (give it networking and some storage) and create backup jobs with.
There's really not much more to it. Create a backup job for it (the VCSA) and understand how you can restore it. You can do an emergency restore by restoring the VCSA to the same host that has vDP on it. To do this, I recommend using DRS rules to keep the VCSA and the vDP appliance together and tied to a single host. That way, should vCenter go tits up, you can log directly into that host with the old fat client, disassociate that host and then log into the vDP appliance. There's a direct-to-host emergency restore method so you can restore the VCSA very easily to the same host where vDP resides.
I highly recommend checking out the vDP if you're looking for VM-level protection of your vCenter machine, Windows server, or appliance. You can check out VMware's own FAQ HERE.
Comments
Post a Comment