5 Backup Server Recovery Scenarios

Imagine a disaster, in which the virtual infrastructure has to be restored from scratch.

All is lost except the backup files, which are still available on at least one repository, preferably immutable, on-premises or in the cloud.

To restore the environment you have five different options that are a function of how the Veeam Backup & Replication protection and resilience architecture is designed and implemented.

Note 1: Veeam Backup & Replication will hereafter be referred to as. VBR.

Scenario A (Restoration from scratch):

  • You have not made an application-aware backup of the server VBR.
  • You have not performed application aware replication of the server VBR.
  • Export of server DB configuration is not available VBR.
  • You want to restore production workloads immediately.

What to do?

Step 1A: Install Veeam Backup & Replication.

How to: From Veeam’s website(https://www.veeam.com) download the latest version of VBR.

(direct link -> https://www.veeam.com/products/data-platform-trial-download.html?tab=cloud-plugins).

Picture 1

Note 2: VBR can read Backup files created with earlier versions.

The simplicity of installing Veeam Backup & Replication makes it easy, fast, and can be done in unattended mode.

(https://helpcenter.veeam.com/docs/backup/vsphere/silent_mode.html?zoom_highlight=Unattended&ver=120)

In this step, just clicking “next” to complete the operation is often sufficient.

Note 3: It is recommended that you use your license file (which can be downloaded from my.veeam.com) although the Community Edition (unlicensed) is often sufficient for most restores needed at this stage.

Step 2A: Add the production virtual infrastructure where you want to restore workloads protected by VBR.

How: after completing the first step, from the console of VBR add the virtual infrastructure (Menu: “Inventory” -> “Vmware vSphere“-> “Add Server“) (Image 2).

picture 2

The following steps depend on the type of Hypervisor (VMware vSphere, Microsoft Hyper-V, Nutanix AHV, …) but are always very simple.

Step 3A (optional): Add backup proxies.

Even if we are operating at the recovery level, improving the performance by adding backup proxies is always a good idea.

Step 4A: Adding Veeam backup repositories.

The last preparatory step before starting restores is to add the repositories with the backup data.

How: from the console, select “Backup Infrastructure,” “Backup Repository,” and then “Add Repository” (image 3).

Picture 3

Step 5A: Starting the restore

How: from the console of VBR select “Home,” “Backup,” “Disk imported,” the VM you want to restore, and right-click to start the restore process (Image 4).

Picture 4

Note 4: Recovery can be instantaneous. With this mode, VMs are started directly from the backup repository. In this option, the repository serves as the data store (for VMware the DataStore) for the virtual environment.

(Instant VM recovery was invented by Veeam more than a decade ago and has since improved its performance and flexibility.)

Now your production architecture is back up and running!

https://www.veeam.com/blog/restoring-infrastructure-from-scratch-with-veeam.html

Scenario B: The VBR is a virtual server.

  • You have made an application-aware backup of the server VBR.
  • You have not performed application-aware replication of the server VBR.
  • Export of server DB configuration is not available VBR.
  • You want to restore the server immediately VBR.

What to do?

Step 1B: Make a download of the utility “Veeam.Backup.Extractor.exe” from Veeam’s Download site.

(https://www.veeam.com/products/data-platform-trial-download.html?tab=extensions).

Picture 5

Note 5: There is also a command-line Extract option for Windows and Linux platforms.

Step 2B: Start Extract, select the backup of the VBR, and once the files of the VM-VBR are copied them to your preferred VMware datastore.

Now from the vCenter register the VM you just copied.

(Image 6)

Note 6: A command-line extract option is available for Windows and Linux platforms.

Note 7: It is possible to automate and simplify copying to the VMware Datastore by publishing an NFS network share as mentioned in the following article:

https://www.virtualtothecore.com/veeam-extract-utility-quick-restores-without-veeam-server

Step 3B: After completing the recovery of step 2B, start the VBR and carry out the standard operations of use (see Step 5A).

Scenario C: The VBR is a physical server

  • You have made the application aware backup of VBR by creating the recovery media.
  • Export of the configuration file of (VBR).
  • You want to restore the server immediately VBR.

What to do?

Step 1C: Make the recovery media available to the Physical Server VBR (via Network or USB).

Step 2C: Start the Bare Metal Recovery operation by selecting the necessary backup (image 7 and image 8) in the recovery step.

Picture 7

Image 8

(https://helpcenter.veeam.com/docs/agentforwindows/userguide/howto_baremetal_recovery.html?ver=60)

Step 3C: After completing the recovery of step 2C, start the VBR and carry out the standard recovery operations as indicated in Step 5A.

Scenario D: The VBR is a replicated VM.

  • You have not made an application-aware backup of the server VBR.
  • You have performed application-aware replication of the server VBR.
  • Export of server DB configuration is not available VBR.
  • You want to restore the server immediately VBR.

What to do?

Step 1D: Connect to the vCenter and search for the VBR already replicated.

Image 9

Step 2D: Trigger the failover of the VBR.

Image 10

Step 3D: Realize the management operations of VBR as per Step 5A.

Scenario E: The configuration of the VBR.

  • You have not backed up the server VBR.
  • You have not performed Server Replication VBR.
  • Export of the server DB configuration is available VBR.
  • You want to restore the server immediately VBR.

What to do?

Step 1E: Install VBR on the server (physical or virtual, see step 1A).

Step 2D: Perform a configuration reset of the VBR as indicated in the guide.

(https://helpcenter.veeam.com/docs/backup/vsphere/vbr_config_restore.html?zoom_highlight=configuration+restore&ver=120)

Image 11

Step 3D: Realize the management operations of VBR as per Step 5A.

Note 8: It is always a good idea to save the Backup server configuration.

Final Note: The advice is to strive to be able to use all the strategies described in this article so that if one is not available, a second one can be used.

Enterprise Manager – Delegation of Restores

An article devoted to how you can delegate restores with Veeam Backup & Replication (VBR).

The case study is related to the protection of files in shared folders, but can be extended to many of the objects protected with VBR. (see image 7)

  1. Image 1 shows the three shared network folders (SHARE-A, SHARE-B, SHARE-C) that are used as the source of the files to be protected.

share-sourcePicture 1

In the scenario, it is assumed that for each individual shared folder, only a specific user can proceed with the recovery tasks.

  1. Image 2 highlights the creation of three Domain users, ShareA, ShareB, ShareC.

users-ADpicture 2

Files pertaining to a specific shared folder will be restorable by the user with the identical ending letter in the name. For example, files pertaining to SHARE-A will be restorable by the ShareA user.

(
Editor’s note: For simplicity of exposition, the letter X will replace one of the three letters of the alphabet A-B-C)

  1. A Backup job named “BkF-Share-X” was created for each shared folder.

Image 3 shows that the “BKF-Share-A” job (orange arrow) protects the entire SHARE-A (Blue arrow).

Picture 3

  1. Image 4 highlights the “configuration” menu from the Enterprise Manager.

Administration credentials are required at this configuration stage.

Picture 4

  1. From the submenu
    role
    (image 5 – orange arrow) the three previously created users (ShareX) are added (green arrow) and assigned the role of Restore Operator (blue arrow).

rolePicture 5

  1. Image 6 shows the delegation options.

The ShareA user (green arrow) is assigned the ability to restore all VBR-protected objects via the “Choose” button (orange arrow); in the restore options, only in-place restoration can be allowed (blue arrow).

The next images (7-8) show how to make the choice of objects to be displayed during the restoration delegation operations.

role-1Picture 6

scopeimage 7

role-2Image 8

  1. Image 9 illustrates and confirms that when logged in from the Enterprise Manager with ShareX user credentials (Blue arrow), only files in the corresponding shared folder (orange arrow) are visible and restorable.

ProxyImage 9

Final Note:

MySQL Backup and Veeam Backup & Replication – Part 1

This article will show you how to implement a data protection strategy in MySQL environments.

Let’s start with a consideration.

To create consistent backups from an application point of view, it is necessary that before the copy process is started, the application has written all the data in memory to disk ( flush ).

For example, Microsoft® applications use a technology called Shadow Copy which, through the coordination of VSS drivers , achieves application consistency.

A similar technology is not available on Linux and in addition MySQL does not support it in the Microsoft® environment.

How to remedy?

Through the creation of scripts that automate application consistency before starting the creation of the Snapshot .

Having understood this aspect, let’s return to the scope of the article, introducing the options available for MySQL .

Note 1 : Application consistency occurs before snapshot creation.

  • 1. Logical Backup : The script creates a file with the .sql extension which in case of restore allows the re-creation of the database and its data.

The file . sql is created through the native MySQL command ” mysqldump “ .

The advantages of logical backup can be summarized in:

  • There are no dependencies on third-party software.
  • Backups can be restored to other servers.
  • 2. Physical / Cold Backup : Cold copies of the DB files are created (for example: ibdata, .ibd, .frm, ib_logfile, my.cnf).

To be sure that the backups are made in ” application consistency ” mode, before taking the snapshot, it is essential to stop the MySQL services.

It is a backup strategy typically implemented in environments that do not require 24×7 operations.

Note 2 : The service is stopped only for the time necessary to create the snapshot and not for the entire duration of the backup.

  • 3. Physical / Hot Backup : If the InnoDB engine is running, the script allows the creation of consistent copies without stopping the services (using for example the command mysqlbackup component of the MySQL Enterprise suite ( MySQL Product) ).

Now that we know the scripting options available, let’s see how Veeam solutions can natively integrate with MySQL environments.

The first available option is the Veeam Agent for Linux ( VAL ) which automates the following four steps:

  1. Flush data from memory to disk (application consistency).
  2. Creation of the snasphot.
  3. Release of tables.
  4. Start the Backup process.

Note 3 : As indicated in the first part of the article, if the DB is of the MyISAM type, it is possible to backup with the blocking of all the tables.

The pre-requisites of the VAL are:

  • MySQL version is greater than or equal to 5.8.
  • The operating system is Linux.

Question: Is it possible to backup in Windows environments where the MySQL version is lower than version 5.8?

The answer is yes and the available scenarios are:

Logical Backup -> Hot-Backup Database Online Dump -> Mysqldump command.

Physical / Cold Backup –> Cold-Backup Database Shutdown -> Temporary stop of the Services.

Physical / Hot Backup –> Hot-Backup Database Freeze -> Native mysql commands.

Note4 : There is also the possibility of making Partial Backups . In this scenario, specific tables and databases are backed up. It is useful when different protection strategies have to be implemented on the same Server.

In the next article, we will find out how to create scripts and how to integrate them into Veeam Backup & Replication.

Veeam & Google Cloud Platform – Part 2

In the previous article, it was shown how to use VBR (Veeam Backup & Replication) as a framework to protect the instances (VMs) present in the Google Cloud Platform ( GCP ).

The integrated component of VBR that automates backup and restore processes is VBGP (Veeam Backup for Google Platform), now in its second version (January 2022).

VBGP allows you to save Google instances at the image level, but to date, it is unable to restore applications in granular mode.

Note 1: The VBGP allows you to create “Application Consistency” backups of the instances through:

  • le VSS (Windows Volume Snapshot Copy Services ) for Microsoft-Windows operating systems.
  • Customizable scripts for Linux operating systems.

In cases where transaction log backup or granular recovery of application objects is required, the Veeam Agent ( VA ) must be used.

Note 2: At www.gable.it you will find many articles detailing how to implement Veeam Agents.

Note 3: The Backup Server VBR can be installed both in the cloud (for example as an instance in GCP ) and on-premises. Correct connectivity between components must be ensured in all scenarios.

Note 4: VBR version 12 (due out in 2022) will add a number of Cloud enhancements. For example, the ability to manage the deployment and Veeam Agent components, without having to create a VPN between the on-premises VBR and the instances to be protected in advance.

Let’s now see the two main phases to perform the Backup of the instance:

The first phase has the purpose of carrying out discovery and deployment of the Agent on the instance (see image 1) (Inventory menu, Create a Protection Group).

Picture 1

In the second phase, the creation of the Backup job by selecting Veeam Agent for Windows (Image 2)

picture 2

During the Wizard, select the Backup Repository (image 4) under Backup Mode, Entire Computer (image 3), and Storage.

Picture 3

Picture 4

The focus of this article is managing application security (in this MS-SQL scenario).

After enabling the application-aware processing (image 5), it is possible to operate at the Transaction Log level, selecting whether to delete them after each Backup operation (Trunking) or whether to backup only the T-Logs. (images 6-8).

Picture 5

Picture 6

Picture 7

Image 8

After starting the job, we check that at the Disk entry there is at least one restore point (see image 9).

Image 9

We conclude this article by explaining the recovery options of the Veeam Agent for Windows: (image 10)

  • Towards VMware & Hyper-V virtual architectures
    • Instant Recovery
    • Restoring Volumes
    • Exporting Disks (VMDK, VHD, VHDX)
  • Towards Public Cloud architectures
    • AWS
    • Azure
    • GCP
  • The creation of a Recovery Media to perform a Bare Metal Restore
  • File and Folder recovery (image 10, also available with VBGP )
  • Application object recovery (image 11 & 12, available only via VA )

Image 10

Image 11

Image 12

All recovery options using Veeam Explorer for SQL are available at the following site .

Note 5 : In the example, a Scale Out Backup Repository has been chosen which has the advantage of copying data to the Google Object Storage (see image 13). Version 12 of VBR will allow direct writing to the Object Storage

Image 13

See you soon

Veeam & Google Cloud Platform – Part 1

The first article of 2022 is dedicated to how to secure Google instances ( GCPs ).

The flow and protection architecture is shown in image 1 where there are two Veeam components.

  1. The Veeam Backup for Google Platform ( VBGP ) instance is responsible for making backups and restores of GCP instances.
  2. Veeam Backup & Replication ( VBR ) has the responsibility to centrally manage the movement of Backup data to and from the cloud (Data Mobility).

Picture 1

  • Note 1 : VBGP can be installed in stand-alone mode or using the VBR wizard.
  • Note 2: This article will show how to hook a VBGP instance already present in GCP from VBR.

Let’s see the steps in detail:

From the VBR console, we choose the Backup Infrastructure item.

By clicking with the right mouse button, select add server and then Google Cloud Platform (see image 2)

picture 2

The next step is to enter the login credentials to the Google Service Account (image 3)

Picture 3

The wizard continues asking you to enter the name of the VBGP server already created (image 4)

Picture 4

After selecting the type of network present (image 5), the next step is to enter the credentials to access the Repository (image 6).

Remember that the best protection practice is to back up the instance as a snapshot, then pour the snapshot into Google’s Cloud Object Storage.

Thus the 3-2-1 rule is respected, i.e. having 3 copies of data (Production + Snapshot + Object Storage) on two different media (Primary Storage + Object Storage) with an offsite copy (Object storage should belong to another region).

Picture 5

Picture 6

Once the wizard is finished, still from the VBR console we can connect to the console to the VBGP server (image 7) to start creating protection policies.

Picture 7

After entering the login credentials (image 8)

Image 8

it is possible to monitor the environment through an overview of the present instances, of the protected ones (image 9 & 10)

Image 9

Image 10

Manage protection policies through:

The creation of the Backup policies, indicating the name (image 12), selecting the project (image 13), the region (image 14), the resources (image 15), the Backup target (image 16), the schedule, and the type backup (images 17 to 19)

Image 11

Image 12

Image 13

Image 14

Image 15

Image 16

Picture 17

Image 18

Image 19

The last two items indicate the estimated monthly costs to implement the backup policy (image 20) and the setting of retries and notifications (image 21)

Image 20

Image 21

Once the configuration is complete and the monitoring has verified that the policy has been completed successfully, it is possible to proceed with the recovery (image 22).

Image 22

The available options are:

  • Entire Instance
  • Files and Folders

The next images (23-24-25) show the key steps to restore the entire instance.

Image 23

Image 24

Image 25

In the next article we will see how to protect and restore a SQL DB present in a GCP instance

See you soon

VBR – Mac Backup

Veeam Backup & Replication (VBR) version 11 has a new feature and Mac users will fall in love with it.

It is now available for the backup and restores of your MACOS files.

It supports the last Operating Systems starting from High-Sierra (Big Sur 11.X.X / Catalina 10.15.X / Mojave 10.14.X / High Sierra 10.13.6).

Note 1: The Veeam Agent for Mac (VAM) version 1 supports the M1 processor via Rosetta.

Note 2: The VAM supports consistent data backup with snapshots for the APFS file system.

In the other file systems, the backup is created via a snapshot-less approach.

Note 3: At the moment it’s possible to perform the backup of user data (with a custom scope too). The image of the entire machine and a Bare Metal Restore are not available yet.

The configuration steps are quite easy as shown in the official guide:

To recap, the procedure consists of:

  1. From the VBR console create a resource group using a flexible scope
  2. Copy the files generated from VBR to the MAC to protect
  3. Install the package to your machine and import the created configuration. (It allows the communication between VBR and the Mac)
  4. From the VBR console creating the backup policy and apply it

The following video shows how it works in a managed VBR architecture.

Take care and see you soon.