Tag: Veeam

Posted on

NAS backup – GFS to Tape

Many customers and partners ask whether it is possible to implement a GFS (Grandfather – Father – Son) type of protection policy when the data to be protected pertains to a NAS (Network network-attached storage) and the destination is a tape library.

Such automation with the current version of Veeam Backup & Replication(VBR) 12.1 is not yet available, something that is already possible when the data source is a backup of VMs and Physical Servers.

In this first article, I will help you achieve that goal by taking advantage of VBR ‘s great flexibility in creating backup jobs.

Note1: In the next one I will illustrate how to make GFS copies by exploiting a little-known feature of
VBR
, the Tape Copy.

Flexibility of Backup Jobs:

a. VBR manages tapes using an architecture that is based on:

  • Media Pool(MP) are the logical containers of the tapes and can pertain to one or more Backup jobs (in our scenario we will create one MP per Job).
  • Media Set(MS) identifies the restore points present on the tape (in our scenario we will create one MS per Backup job per single tape).

b. The proposed solution is to create weekly, monthly, and annual backup jobs in full mode. These backups should be created on a specific date and the backups should reside on tape pools created for the purpose.

Let’s see step by step how to proceed:

c. Creation of weekly and monthly Media Pools(MP).

Picture 1

From image 2 it is important to note that a new tape will be used for each backup session.

picture 2

Image 3 shows how to set the retention, which in this scenario is 4 weeks.

Picture 3

For the Monthly MP, the same procedure is used, changing the retention to 12 months (see images 4,5,6).

Picture 4

Picture 5

Image 6 shows that the retention for Full Months is 12 months.

Picture 6

d. Creating Backup Jobs

Picture 7

image 8

Image 9 highlights the scheduling of the Backup job.

The assumption is to make n full backup jobs for each GFS policy.

Our example scenario shows the first week’s job (blue arrow) with weekly retention (green arrow). For the second, third, and subsequent week, we will proceed in a completely similar way, replacing the value first with second, third, etc. under “Run the full backup automatically.”

Image 9

Image 10 highlights (orange arrow) that no incremental backups will be initiated.

image 10

The same steps must be implemented to create monthly type GFS backups, in the example I set the backup job start on the 4th Saturday of the month (image 12 – blue arrow).

Image 11

Image 12

Image 13

Note 2:

  • Licensing counts licenses per individual Backup job (verision 12.1).
  • Conduct tests to make sure the scenario matches your needs. Get help from Veeam support.

In the next article, we will see how to use the Tape Copy feature.

Posted on

Enterprise Manager – Delegation of Restores

An article devoted to how you can delegate restores with Veeam Backup & Replication (VBR).

The case study is related to the protection of files in shared folders, but can be extended to many of the objects protected with VBR. (see image 7)

  1. Image 1 shows the three shared network folders (SHARE-A, SHARE-B, SHARE-C) that are used as the source of the files to be protected.

share-sourcePicture 1

In the scenario, it is assumed that for each individual shared folder, only a specific user can proceed with the recovery tasks.

  1. Image 2 highlights the creation of three Domain users, ShareA, ShareB, ShareC.

users-ADpicture 2

Files pertaining to a specific shared folder will be restorable by the user with the identical ending letter in the name. For example, files pertaining to SHARE-A will be restorable by the ShareA user.

(
Editor’s note: For simplicity of exposition, the letter X will replace one of the three letters of the alphabet A-B-C)

  1. A Backup job named “BkF-Share-X” was created for each shared folder.

Image 3 shows that the “BKF-Share-A” job (orange arrow) protects the entire SHARE-A (Blue arrow).

Picture 3

  1. Image 4 highlights the “configuration” menu from the Enterprise Manager.

Administration credentials are required at this configuration stage.

Picture 4

  1. From the submenu
    role
     (image 5 – orange arrow) the three previously created users (ShareX) are added (green arrow) and assigned the role of Restore Operator (blue arrow).

rolePicture 5

  1. Image 6 shows the delegation options.

The ShareA user (green arrow) is assigned the ability to restore all VBR-protected objects via the “Choose” button (orange arrow); in the restore options, only in-place restoration can be allowed (blue arrow).

The next images (7-8) show how to make the choice of objects to be displayed during the restoration delegation operations.

role-1Picture 6

scopeimage 7

role-2Image 8

  1. Image 9 illustrates and confirms that when logged in from the Enterprise Manager with ShareX user credentials (Blue arrow), only files in the corresponding shared folder (orange arrow) are visible and restorable.

ProxyImage 9

Final Note:

Posted on

Veeam + ReFS: How much space you save

ReFS is the advanced file system from Microsoft that improves data availability through technologies that can:

  1. Ensuring greater resilience of data stored on the file system.
  2. Increase the performance in reading and writing.
  3. Improve the scalability (we are talking about millions of TB).

One of the most useful and widely used features in backup is the technology of Block-Cloning which allows Veeam Backup & Replication to create full backups equal in size to an incremental.

The operation logic is simple and consists of 3 phases:

  1. TheBackup copies to the target Repository (ReFS), the incremental data of the VM / Instances / Physical Servers/ Clients To be protected.
  2. The File System ReFS will take care of storing the new blocks and creating the metadatarelated to the newly written data.
  3. The option “create a Syntethic-full” actually triggers anoperation at the level of metadata. ReFS adds to the metadata just created, those related to previous backups, thus creating a new full child of the union of all the necessary metadata. To further simplify, a logical full is created without any block being copied/moved.

Note 1: The result is not only a saving in space but also in the time it takes to make the full.

Well, how is it possible to quantify the disk space saved in the repository (ReFS)?

Timothy DeWin has made a tool (blockstat.exe) perfect for this calculation, to which I refer you for all possible options.

In my case, I solved the client’s need through:

  1. Creation through powershell of a text file (Unicode format) that would search all the Backup files generated by Veeam Backup & Replication within the ReFS repository. (See image 1)
  2. Captured the output of the bloclstat command. (see image 2)

Picture 1

picture 2

Posted on

SQL Reporting Server – Self Certificate & Veeam ONE

Veeam One is a splendid Advanced Analysis and Reporting tool for virtual and backup environments.

In an Enterprise architecture, the Veeam One roles are distributed on different Servers.

Let’s talk about the DataBase ( MS-SQL ), the Reporting Server ( SSRS ) and obviously the Veeam ONE Server ( VOS )

In this article, I will illustrate how you can streamline your reporting by creating an encrypted connection between Veeam ONE and the Reporting Server at the same time.

The procedure consists of three macro phases.

  1. The first creates the certificate that enables the HTTPS encrypted connection on the SSRS server.
  2. In the second, you configure SSRS to accept HTTPS connections.
  3. In the third, we configure the Veeam ONE server to use SSRS for reporting.

1- Creation of the certificate

If there is no certificate authority installed in your domain (like mine), you need to create a Self-Signed certificate.

Let’s see how to proceed:

On the SSRS , start a PowerShell console as administrator and run the following commands:

  1. New-SelfSignedCertificate -CertStoreLocation cert: \ LocalMachine \ my -dnsname NAMESERVER -NotAfter (Get-Date) .AddMonths (60) (replace NAMESERVER with your Server name).
  2. $ pwd = ConvertTo-SecureString ” yourpassword ” -asplainText -force (replace your password with a complicated one of your choice).
  3. $ file = ” C: \ MyFolder \ SQLcertificate.pfx ” (this is the location where the certificate will be exported ).
  4. Export-PFXCertificate -cert cert: \ LocalMachine \ My \< Thumbprint created from the output of the first command> -file $ file -Password $ pwd ( Copy the certificate to the file created in step 3 ).
  5. Import-PfxCertificate -FilePath $ file cert: \ LocalMachine \ root -Password $ pwd ( imports the certificate into the SSRS ).

Now it’s time to copy the SQLcertificate.pfx file (point 3) into the VOS and proceed with its installation as indicated in the next lines.

  1. Double click on the file and in the first window choose ” Local Machine “.
  2. When prompted for the password , provide the one set in step 2.
  3. On the next screen select ” Place all certificates in the following store “, and after selecting Browse, select from the ” Trusted Root Certification Authorities ” list.
  4. Ok and after selecting Next, finish the installation.

2- SSRS configuration

Using the SSRS configuration manager it is possible to set the HTTPS connection as shown in images 1,2 and 3.

Picture 1

picture 2

Picture 3

3- Veeam ONE configuration

Images 4 and 5 show how to configure VOS to use SSRS to generate reports.

Picture 4

Picture 5

Note 1: From image 5 we can see that it is possible to test the connection via the Test Connection button.

Note 2: The details on which ports open in the firewalls are documented in the guide. ( helpcenter.veeam.com) ; remember to add port 443 🙂

See you soon

Posted on

MySQL Backup & Veeam Backup & Replication Parte 2

In questo secondo articolo è illustrato dove ricercare gli script per realizzare backup consistenti di DataBase MySQL con Veeam Backup & Replication.

Per scoprire perché sia necessario utilizzare script, vi raccomando di leggere il precedente articolo.

Hot Backup Database Online Dump (Linux)

L’opzione prevede di integrare negli script il comando mysqldump.

Due esempi sono consultabili al seguente sito:

HotBackup Database Freeze (Linux)

L’opzione prevede di effettuare a caldo il flush delle tabelle.

Due esempi sono consultabili al seguente sito:

Cold Backup Database Shutdown (Linux)

L’opzione prevede di fermare il servizion MySQL prima di realizzare il backup.

Due esempi sono consultabili al seguente sito:

Hot Backup Database Online Dump (Windows)

Il seguente esempio in poweshell è puramente dimostrativo. Il mio consiglio è quello di chiedere al vostro esperto in powershell di crearne uno che rispetti le politiche aziendali di gestione e sicurezza.

Pre command (avvia lo script mySQLdump.ps1 sul server YOURMYSQLSERVER)

$password = ConvertTo-SecureString “YOURPWD” -AsPlainText -Force

$Cred = New-Object System.Management.Automation.PSCredential (“DOMAIN\USER”, $password)

New-PSSession -ComputerName mySQL-WIN -Credential $Cred

#Enter-PSSession -ComputerName YOURMYSQLSERVER

#Invoke-Command -Session 6 -FilePath “C:\Script\script-7.ps1” -ComputerName mySQL-WIN

Invoke-Command -ComputerName mySQL-WIN -Credential $Cred -ScriptBlock { C:\Script\mySQLdump.ps1}

mySQLdump.ps1 (Crea il file .sql che viene memorizzato in una specifica cartella sul server YOURMYSQLSERVER)

# Declare variables

$path = “/backups”                      # path of backup folder

$logFile = “automate-mysqldump.log”     # path of log file

$configFile = “C:\ProgramData\MySQL\MySQL Server 5.6\my.ini”           # path of my.cnf file

# Navigate to the backups folder

Set-Location $path

# get today’s date to name today backup folder

$date = Get-Date -UFormat “%Y-%m-%d”

# Check for log file

# Create if not found

if (-NOT (Test-Path $logFile)) {

    New-Item -Path . -Name $logFile -ItemType “file”

    Add-Content $logFile “Created on: $date`n”

}

# enter directory

# create today’s backup directory if it does not exist

if (-NOT (Test-Path $date)) {

    New-Item -ItemType “directory” $date

    Add-Content $logFile “[$date]: New $date directory is created”

}

# Set-Location $date

Add-Content $logFile “[$date]: Starting mysqldump”

# invoke mysqldump – insert mysqldump statement

mysqldump –defaults-file=$configFile -r $date/database-backup.sql –all-databases

Add-Content $logFile “[$date]: Backup for databases are completed”

Add-Content $logFile “”

# pause

 Post command (chiude la sessione remota)

Remove-PSSession -ComputerName YOURMYSQLSERVER

Nel prossimo articolo sarĂ  illustrato come integrare gli script in Veeam Backup & Replication.

Posted on

MySQL Backup and Veeam Backup & Replication – Part 1

This article will show you how to implement a data protection strategy in MySQL environments.

Let’s start with a consideration.

To create consistent backups from an application point of view, it is necessary that before the copy process is started, the application has written all the data in memory to disk ( flush ).

For example, Microsoft® applications use a technology called Shadow Copy which, through the coordination of VSS drivers , achieves application consistency.

A similar technology is not available on Linux and in addition MySQL does not support it in the Microsoft® environment.

How to remedy?

Through the creation of scripts that automate application consistency before starting the creation of the Snapshot .

Having understood this aspect, let’s return to the scope of the article, introducing the options available for MySQL .

Note 1 : Application consistency occurs before snapshot creation.

  • 1. Logical Backup : The script creates a file with the .sql extension which in case of restore allows the re-creation of the database and its data.

The file . sql is created through the native MySQL command ” mysqldump “ .

The advantages of logical backup can be summarized in:

  • There are no dependencies on third-party software.
  • Backups can be restored to other servers.
  • 2. Physical / Cold Backup : Cold copies of the DB files are created (for example: ibdata, .ibd, .frm, ib_logfile, my.cnf).

To be sure that the backups are made in ” application consistency ” mode, before taking the snapshot, it is essential to stop the MySQL services.

It is a backup strategy typically implemented in environments that do not require 24×7 operations.

Note 2 : The service is stopped only for the time necessary to create the snapshot and not for the entire duration of the backup.

  • 3. Physical / Hot Backup : If the InnoDB engine is running, the script allows the creation of consistent copies without stopping the services (using for example the command mysqlbackup component of the MySQL Enterprise suite ( MySQL Product) ).

Now that we know the scripting options available, let’s see how Veeam solutions can natively integrate with MySQL environments.

The first available option is the Veeam Agent for Linux ( VAL ) which automates the following four steps:

  1. Flush data from memory to disk (application consistency).
  2. Creation of the snasphot.
  3. Release of tables.
  4. Start the Backup process.

Note 3 : As indicated in the first part of the article, if the DB is of the MyISAM type, it is possible to backup with the blocking of all the tables.

The pre-requisites of the VAL are:

  • MySQL version is greater than or equal to 5.8.
  • The operating system is Linux.

Question: Is it possible to backup in Windows environments where the MySQL version is lower than version 5.8?

The answer is yes and the available scenarios are:

Logical Backup -> Hot-Backup Database Online Dump -> Mysqldump command.

Physical / Cold Backup –> Cold-Backup Database Shutdown -> Temporary stop of the Services.

Physical / Hot Backup –> Hot-Backup Database Freeze -> Native mysql commands.

Note4 : There is also the possibility of making Partial Backups . In this scenario, specific tables and databases are backed up. It is useful when different protection strategies have to be implemented on the same Server.

In the next article, we will find out how to create scripts and how to integrate them into Veeam Backup & Replication.