Category: VBR – To Know

Tips using VBR

Posted on

SQL Reporting Server – Self Certificate & Veeam ONE

Veeam One is a splendid Advanced Analysis and Reporting tool for virtual and backup environments.

In an Enterprise architecture, the Veeam One roles are distributed on different Servers.

Let’s talk about the DataBase ( MS-SQL ), the Reporting Server ( SSRS ) and obviously the Veeam ONE Server ( VOS )

In this article, I will illustrate how you can streamline your reporting by creating an encrypted connection between Veeam ONE and the Reporting Server at the same time.

The procedure consists of three macro phases.

  1. The first creates the certificate that enables the HTTPS encrypted connection on the SSRS server.
  2. In the second, you configure SSRS to accept HTTPS connections.
  3. In the third, we configure the Veeam ONE server to use SSRS for reporting.

1- Creation of the certificate

If there is no certificate authority installed in your domain (like mine), you need to create a Self-Signed certificate.

Let’s see how to proceed:

On the SSRS , start a PowerShell console as administrator and run the following commands:

  1. New-SelfSignedCertificate -CertStoreLocation cert: \ LocalMachine \ my -dnsname NAMESERVER -NotAfter (Get-Date) .AddMonths (60) (replace NAMESERVER with your Server name).
  2. $ pwd = ConvertTo-SecureString ” yourpassword ” -asplainText -force (replace your password with a complicated one of your choice).
  3. $ file = ” C: \ MyFolder \ SQLcertificate.pfx ” (this is the location where the certificate will be exported ).
  4. Export-PFXCertificate -cert cert: \ LocalMachine \ My \< Thumbprint created from the output of the first command> -file $ file -Password $ pwd ( Copy the certificate to the file created in step 3 ).
  5. Import-PfxCertificate -FilePath $ file cert: \ LocalMachine \ root -Password $ pwd ( imports the certificate into the SSRS ).

Now it’s time to copy the SQLcertificate.pfx file (point 3) into the VOS and proceed with its installation as indicated in the next lines.

  1. Double click on the file and in the first window choose ” Local Machine “.
  2. When prompted for the password , provide the one set in step 2.
  3. On the next screen select ” Place all certificates in the following store “, and after selecting Browse, select from the ” Trusted Root Certification Authorities ” list.
  4. Ok and after selecting Next, finish the installation.

2- SSRS configuration

Using the SSRS configuration manager it is possible to set the HTTPS connection as shown in images 1,2 and 3.

Picture 1

picture 2

Picture 3

3- Veeam ONE configuration

Images 4 and 5 show how to configure VOS to use SSRS to generate reports.

Picture 4

Picture 5

Note 1: From image 5 we can see that it is possible to test the connection via the Test Connection button.

Note 2: The details on which ports open in the firewalls are documented in the guide. ( helpcenter.veeam.com) ; remember to add port 443 🙂

See you soon

Posted on

MySQL Backup & Veeam Backup & Replication Parte 2

In questo secondo articolo è illustrato dove ricercare gli script per realizzare backup consistenti di DataBase MySQL con Veeam Backup & Replication.

Per scoprire perché sia necessario utilizzare script, vi raccomando di leggere il precedente articolo.

Hot Backup Database Online Dump (Linux)

L’opzione prevede di integrare negli script il comando mysqldump.

Due esempi sono consultabili al seguente sito:

HotBackup Database Freeze (Linux)

L’opzione prevede di effettuare a caldo il flush delle tabelle.

Due esempi sono consultabili al seguente sito:

Cold Backup Database Shutdown (Linux)

L’opzione prevede di fermare il servizion MySQL prima di realizzare il backup.

Due esempi sono consultabili al seguente sito:

Hot Backup Database Online Dump (Windows)

Il seguente esempio in poweshell è puramente dimostrativo. Il mio consiglio è quello di chiedere al vostro esperto in powershell di crearne uno che rispetti le politiche aziendali di gestione e sicurezza.

Pre command (avvia lo script mySQLdump.ps1 sul server YOURMYSQLSERVER)

$password = ConvertTo-SecureString “YOURPWD” -AsPlainText -Force

$Cred = New-Object System.Management.Automation.PSCredential (“DOMAIN\USER”, $password)

New-PSSession -ComputerName mySQL-WIN -Credential $Cred

#Enter-PSSession -ComputerName YOURMYSQLSERVER

#Invoke-Command -Session 6 -FilePath “C:\Script\script-7.ps1” -ComputerName mySQL-WIN

Invoke-Command -ComputerName mySQL-WIN -Credential $Cred -ScriptBlock { C:\Script\mySQLdump.ps1}

mySQLdump.ps1 (Crea il file .sql che viene memorizzato in una specifica cartella sul server YOURMYSQLSERVER)

# Declare variables

$path = “/backups”                      # path of backup folder

$logFile = “automate-mysqldump.log”     # path of log file

$configFile = “C:\ProgramData\MySQL\MySQL Server 5.6\my.ini”           # path of my.cnf file

# Navigate to the backups folder

Set-Location $path

# get today’s date to name today backup folder

$date = Get-Date -UFormat “%Y-%m-%d”

# Check for log file

# Create if not found

if (-NOT (Test-Path $logFile)) {

    New-Item -Path . -Name $logFile -ItemType “file”

    Add-Content $logFile “Created on: $date`n”

}

# enter directory

# create today’s backup directory if it does not exist

if (-NOT (Test-Path $date)) {

    New-Item -ItemType “directory” $date

    Add-Content $logFile “[$date]: New $date directory is created”

}

# Set-Location $date

Add-Content $logFile “[$date]: Starting mysqldump”

# invoke mysqldump – insert mysqldump statement

mysqldump –defaults-file=$configFile -r $date/database-backup.sql –all-databases

Add-Content $logFile “[$date]: Backup for databases are completed”

Add-Content $logFile “”

# pause

 Post command (chiude la sessione remota)

Remove-PSSession -ComputerName YOURMYSQLSERVER

Nel prossimo articolo sarà illustrato come integrare gli script in Veeam Backup & Replication.

Posted on

MySQL Backup and Veeam Backup & Replication – Part 1

This article will show you how to implement a data protection strategy in MySQL environments.

Let’s start with a consideration.

To create consistent backups from an application point of view, it is necessary that before the copy process is started, the application has written all the data in memory to disk ( flush ).

For example, Microsoft® applications use a technology called Shadow Copy which, through the coordination of VSS drivers , achieves application consistency.

A similar technology is not available on Linux and in addition MySQL does not support it in the Microsoft® environment.

How to remedy?

Through the creation of scripts that automate application consistency before starting the creation of the Snapshot .

Having understood this aspect, let’s return to the scope of the article, introducing the options available for MySQL .

Note 1 : Application consistency occurs before snapshot creation.

  • 1. Logical Backup : The script creates a file with the .sql extension which in case of restore allows the re-creation of the database and its data.

The file . sql is created through the native MySQL command ” mysqldump “ .

The advantages of logical backup can be summarized in:

  • There are no dependencies on third-party software.
  • Backups can be restored to other servers.
  • 2. Physical / Cold Backup : Cold copies of the DB files are created (for example: ibdata, .ibd, .frm, ib_logfile, my.cnf).

To be sure that the backups are made in ” application consistency ” mode, before taking the snapshot, it is essential to stop the MySQL services.

It is a backup strategy typically implemented in environments that do not require 24×7 operations.

Note 2 : The service is stopped only for the time necessary to create the snapshot and not for the entire duration of the backup.

  • 3. Physical / Hot Backup : If the InnoDB engine is running, the script allows the creation of consistent copies without stopping the services (using for example the command mysqlbackup component of the MySQL Enterprise suite ( MySQL Product) ).

Now that we know the scripting options available, let’s see how Veeam solutions can natively integrate with MySQL environments.

The first available option is the Veeam Agent for Linux ( VAL ) which automates the following four steps:

  1. Flush data from memory to disk (application consistency).
  2. Creation of the snasphot.
  3. Release of tables.
  4. Start the Backup process.

Note 3 : As indicated in the first part of the article, if the DB is of the MyISAM type, it is possible to backup with the blocking of all the tables.

The pre-requisites of the VAL are:

  • MySQL version is greater than or equal to 5.8.
  • The operating system is Linux.

Question: Is it possible to backup in Windows environments where the MySQL version is lower than version 5.8?

The answer is yes and the available scenarios are:

Logical Backup -> Hot-Backup Database Online Dump -> Mysqldump command.

Physical / Cold Backup –> Cold-Backup Database Shutdown -> Temporary stop of the Services.

Physical / Hot Backup –> Hot-Backup Database Freeze -> Native mysql commands.

Note4 : There is also the possibility of making Partial Backups . In this scenario, specific tables and databases are backed up. It is useful when different protection strategies have to be implemented on the same Server.

In the next article, we will find out how to create scripts and how to integrate them into Veeam Backup & Replication.

Posted on

VMCE 2021 – My experience

On January 24th I completed the VMCE 2021 training course.

In this article, I will describe the methodology I used in order to pass the final exam.

The six cornerstones of the preparation were:

1- Pay maximum attention to Veeam Backup & Replication components (Backup Server, Proxy, Wan Acceleration, Gateway) understanding their purpose, operation, and limitations. For example, for proxies to know the usage scenarios of the different transport modes (SAN, Virtual Appliance, Direct NFS, Network).

2- Understand the RPO (Recovery Point Object) and RTO (Recovery Time Object) theme by analyzing:

    • Type and topology of protection (Backup, Replica, and Backup Copy Job)
    • Type of repositories involved (Stand-alone, XFS / ReFS, Immutable, SOBR, capacity Tier and Archive Tier)
    • Backup chain (Forever Forward Incremental, Reversed Incremental and Forward Incremental)

Note 1 : to verify the preparation the advice is to respond to imaginary requests for protection; for example, thegable.it customer requested a daily primary backup of their VMs with an RPO of 31 days, with a GFS retention of 8 Weeks and 12 Months. In addition, the backup data will have to be copied to a second site …

3- Reinforce the knowledge on the available recovery options (VBR manual), through the Veeam Explorer, also in this case paying particular attention to the usage scenarios and limitations.

4- Massively use the laboratory to establish not only theoretical aspects but also real implementation scenarios.

5- Know the Veeam ONE features (Infrastructure, Data Protection, Business View).

Note 2: Laboratories simplify learning by often turning theory into a wonderful game of trial and error.

Preparation time was 42 days roughly divided into 2 hours/day on average during the week and 4 hours/day on average on weekends.

6- To check your progress and for the final review, the following are available:

VMCE 2021 Practice Exam

Concluding note:

Pearson-Vue test platform certifies VMCE-2021 competency.

You can take the exam either at a Pearson-Vue center or from your home and office.

While recognizing that online is a very convenient approach that eliminates all logistical problems, in my case a small problem presented itself.

My method of recalling stored information and its processing to answer questions often requires the use of a pen and inkwell *.

Well, the exam with the “home and office” option does not allow the use of any pencil and sheet of paper while in Pearson-Vue authorized centers it is often possible to use a small white board of the re-writable type.

In addition, by applying to a licensed center, you will also help Pearson-Vue centers pay back their investment.

*: To take and digitize notes, I have been using Remarkable 2 with utmost satisfaction for 6 months, which I highly recommend to all readers.

Posted on

VMCE 2021 – My experience

On January 24th I completed the VMCE 2021 training course.

In this article, I will describe the methodology I used in order to pass the final exam.

The six cornerstones of the preparation were:

1- Pay maximum attention to Veeam Backup & Replication components (Backup Server, Proxy, Wan Acceleration, Gateway) understanding their purpose, operation, and limitations. For example, for proxies to know the usage scenarios of the different transport modes (SAN, Virtual Appliance, Direct NFS, Network).

2- Understand the RPO (Recovery Point Object) and RTO (Recovery Time Object) theme by analyzing:

    • Type and topology of protection (Backup, Replica, and Backup Copy Job)
    • Type of repositories involved (Stand-alone, XFS / ReFS, Immutable, SOBR, capacity Tier and Archive Tier)
    • Backup chain (Forever Forward Incremental, Reversed Incremental and Forward Incremental)

Note 1 : to verify the preparation the advice is to respond to imaginary requests for protection; for example, thegable.it customer requested a daily primary backup of their VMs with an RPO of 31 days, with a GFS retention of 8 Weeks and 12 Months. In addition, the backup data will have to be copied to a second site …

3- Reinforce the knowledge on the available recovery options (VBR manual), through the Veeam Explorer, also in this case paying particular attention to the usage scenarios and limitations.

4- Massively use the laboratory to establish not only theoretical aspects but also real implementation scenarios.

5- Know the Veeam ONE features (Infrastructure, Data Protection, Business View).

Note 2: Laboratories simplify learning by often turning theory into a wonderful game of trial and error.

Preparation time was 42 days roughly divided into 2 hours/day on average during the week and 4 hours/day on average on weekends.

6- To check your progress and for the final review, the following are available:

VMCE 2021 Practice Exam

Concluding note:

Pearson-Vue test platform certifies VMCE-2021 competency.

You can take the exam either at a Pearson-Vue center or from your home and office.

While recognizing that online is a very convenient approach that eliminates all logistical problems, in my case a small problem presented itself.

My method of recalling stored information and its processing to answer questions often requires the use of a pen and inkwell *.

Well, the exam with the “home and office” option does not allow the use of any pencil and sheet of paper while in Paerson-Vue authorized centers it is often possible to use a small whiteboard of the re-writable type.

In addition, by applying to a licensed center, you will also be helping Pearson-Vue centers to pay back their investment.

*: To take and digitize notes, I have been using Remarkable 2 with utmost satisfaction for 6 months, which I highly recommend to all readers.

Posted on

Veeam & Google Cloud Platform – Part 2

In the previous article, it was shown how to use VBR (Veeam Backup & Replication) as a framework to protect the instances (VMs) present in the Google Cloud Platform ( GCP ).

The integrated component of VBR that automates backup and restore processes is VBGP (Veeam Backup for Google Platform), now in its second version (January 2022).

VBGP allows you to save Google instances at the image level, but to date, it is unable to restore applications in granular mode.

Note 1: The VBGP allows you to create “Application Consistency” backups of the instances through:

  • le VSS (Windows Volume Snapshot Copy Services ) for Microsoft-Windows operating systems.
  • Customizable scripts for Linux operating systems.

In cases where transaction log backup or granular recovery of application objects is required, the Veeam Agent ( VA ) must be used.

Note 2: At www.gable.it you will find many articles detailing how to implement Veeam Agents.

Note 3: The Backup Server VBR can be installed both in the cloud (for example as an instance in GCP ) and on-premises. Correct connectivity between components must be ensured in all scenarios.

Note 4: VBR version 12 (due out in 2022) will add a number of Cloud enhancements. For example, the ability to manage the deployment and Veeam Agent components, without having to create a VPN between the on-premises VBR and the instances to be protected in advance.

Let’s now see the two main phases to perform the Backup of the instance:

The first phase has the purpose of carrying out discovery and deployment of the Agent on the instance (see image 1) (Inventory menu, Create a Protection Group).

Picture 1

In the second phase, the creation of the Backup job by selecting Veeam Agent for Windows (Image 2)

picture 2

During the Wizard, select the Backup Repository (image 4) under Backup Mode, Entire Computer (image 3), and Storage.

Picture 3

Picture 4

The focus of this article is managing application security (in this MS-SQL scenario).

After enabling the application-aware processing (image 5), it is possible to operate at the Transaction Log level, selecting whether to delete them after each Backup operation (Trunking) or whether to backup only the T-Logs. (images 6-8).

Picture 5

Picture 6

Picture 7

Image 8

After starting the job, we check that at the Disk entry there is at least one restore point (see image 9).

Image 9

We conclude this article by explaining the recovery options of the Veeam Agent for Windows: (image 10)

  • Towards VMware & Hyper-V virtual architectures
    • Instant Recovery
    • Restoring Volumes
    • Exporting Disks (VMDK, VHD, VHDX)
  • Towards Public Cloud architectures
    • AWS
    • Azure
    • GCP
  • The creation of a Recovery Media to perform a Bare Metal Restore
  • File and Folder recovery (image 10, also available with VBGP )
  • Application object recovery (image 11 & 12, available only via VA )

Image 10

Image 11

Image 12

All recovery options using Veeam Explorer for SQL are available at the following site .

Note 5 : In the example, a Scale Out Backup Repository has been chosen which has the advantage of copying data to the Google Object Storage (see image 13). Version 12 of VBR will allow direct writing to the Object Storage

Image 13

See you soon