Backup and Restore vCenter Server Appliance

Just a few weeks ago, vSphere 7 saw the light of day. And people went crazy! New ESXi servers with vSphere 7 have sprung up like mushrooms. So many people directly upgraded their homelabs, or maybe even their production systems.

This blog post, I know the last post is some time ago, will show you how you can backup your vCenter Server Appliance with their integrated backup functionality, and also how you can restore it, in case something went wrong. Except for two ways, I went through all options for backup targets and tried to find out how to configure it. So there should be at least one way how you can back up your vCenter data to a proper location in your data center.

Why is it a good idea to back up your vCenter

vCenter is your management central in terms of virtualization. You manage all your ESXi server with it, your clusters, your data center networking maybe (with NSX), you’ve got some automation running, got your host profiles, storage policies, etc. in place there. Why lose all the stuff you’ve configured over a longer period, with maybe much tinkering, try and error? Backing up vCenter is not so hard. You need a backup target, a user and a password. In vCenter 6.7 you can even schedule the backup, which makes things even easier than before, where it wasn’t possible to configure a schedule.

Supported protocols for backup

vCenter supports the following protocols for backup:

  • FTP
  • NFS
  • SMB
  • FTPS
  • SCP
  • HTTP
  • HTTPS

This guide will show you how to configure all of the above protocols, except HTTP and HTTPS. I didn’t see a sense in setting up such a configuration in my lab, because it doesn’t seem to me as such backup targets would exist in a company either. I also think that these two protocols might be the slowest, compared to all the other protocols available. In data centers, no matter if on-premises or cloud, the often-used protocols are NFS and SMB. So chances are high that there might be already a suitable backup target for vCenter. Or it can be easily created. Also, FTP is still commonly used, and we’ve got also secure options with FTPS and SCP.

Backup performance

To be honest, the backup performance was not my top priority. I wanted to configure and test all supported protocols except HTTP and HTTPS. It’s clear that performance matters, at least to a certain degree. Backup windows might be small, or systems should not be impacted with a heavy load. Before we move on, I’d like to show you how the performance was during my tests.

I’ve set up a new vCenter server appliance for this backup and restore test. It is a tiny deployment with 2 CPU, 10GB memory and default disk size (thin). There is nothing configured within vCenter, no hosts, no clusters, nothing except backup. You can see that the amount of data transferred is the same in all tests. In regards to the duration, we’ve got the SMB protocol on the first place, followed by FTPS on the second, and NFS on the third place. Yes, I’m aware of “but there’s ftp:// and not ftps://”. I’ve configured FTPS as you can see later on the screenshots, but when I executed the backup job, it was logged as “ftp”. You can spot the difference at the port used for FTPS.

Read moreBackup and Restore vCenter Server Appliance

My Top 10 Posts in 2019

Another year is over, it’s 2020 and the beginning of a new decade. With this blog article, I’d like to present to you my Top 10 posts of 2019. Surprisingly, the Top 10 blog posts are not all from 2019. Obviously, people are still searching for solutions for problems they have with some “old” stuff like Windows Server 2012 R2, or they are looking for solutions to problems they have in their current infrastructure. I hope that my blog posts will help the people out there in the tech community solving their problems. I’ll do my best to keep on doing my work and sharing my knowledge.

10. VMware Workstation – Unable to connect to the MKS: Login incorrect

I was trying to connect to my vCenter with VMware Workstation and had some issues. This post shows how I’ve been able to solve it.

https://www.driftar.ch/index.php/2017/03/20/vmware-workstation-unable-to-connect-to-the-mks-login-incorrect/

9. Upgrade VCSA through CLI Installer

At my employer, I had the task to upgrade our vCenter to the most recent version. Unfortunately, it wasn’t as easy as it sounds. The vCenter was running on a IaaS solution and with no root or administrative access, you can’t just upgrade. This blog post shows how it was done.

https://www.driftar.ch/index.php/2019/08/02/upgrade-vcsa-through-cli-installer/

8. Veeam – Backup Copy “Block is not initialized. Failed to download disk.”

When I was working at a Veeam Platinum Partner in Switzerland, I had many customers running Veeam Backup & Replication. This is another troubleshooting blog post. I had to use some tools the first time and I was able to fix some backup copy issues.

https://www.driftar.ch/index.php/2017/06/05/veeam-backup-copy-block-not-initialized-failed-download-disk/

7. Active Directory – Replication issues after promoting new 2012 R2 DC

Back in the days when I was working at a solution provider, I was tasked to set up a Windows Server 2012 R2 domain controller. After setting up the DC, I had to solve some replication issues.

https://www.driftar.ch/index.php/2017/02/04/active-directory-replication-issues-after-promoting-new-2012-r2-dc/

6. VMware vSAN cache disk failed and how to recover from it

There was a time when I had three DELL PowerEdge servers in use for one of my first homelab versions. I had an issue with the capacity disks and thankfully, I was able to recover from it.

https://www.driftar.ch/index.php/2018/08/18/vmware-vsan-cache-disk-failed-and-how-to-recover-from-it/

5. Synology now with backup for Office 365

Synology got a huge portfolio with NAS systems for all kinds of scenarios. Small home devices or big and high-performance NAS systems for enterprise with SSDs. But all NAS devices have one thing in common. Synology Diskstation Manager (DSM), which is their operating system and management tool. With the more recent DSM versions, you can now add your Office 365 accounts to it for backing it up.

https://www.driftar.ch/index.php/2018/06/24/synology-now-with-backup-for-office-365/

4. “Starting drivers, please wait” – An HPE adventure story

This was one strange issue! Back in the day when I was working at a solution provider, a customer reported an issue. His ESXi hosts have lost connectivity to a storage system. It took some time to solve, and it was a good experience.

https://www.driftar.ch/index.php/2017/07/18/starting-drivers-please-wait-an-hpe-adventure-story/

3. VMware – Clone a VM with snapshots (and consolidate it)

On the third place of 2019, there’s a post about VM snapshots. Most of the time, a VM snapshot is very useful. If it’s to see if the software update is working, or if it is used by your backup solution. But sometimes, snapshots can be a real nightmare.

https://www.driftar.ch/index.php/2018/09/03/vmware-clone-a-vm-with-snapshots-and-consolidate-it/

2. New homelab hardware arrived!

On the second place of 2019, there’s a post about my new homelab hardware. I recently announced that I’ve got new homelab hardware. That’s the first post out of a small blog series. Enjoy!

https://www.driftar.ch/index.php/2019/12/21/new-homelab-hardware-arrived/

1. Microsoft Active Directory – Desktop Shortcuts with Group Policy

And the winner on the first place for my Top 10 blog posts in 2019 is an old one back from 2016. But obviously, people still search for solutions like this. With Active Directory Group Policies you can do so many things. One of them is also creating desktop shortcuts.

https://www.driftar.ch/index.php/2016/11/12/microsoft-active-directory-desktop-shortcuts-with-group-policy/

New homelab hardware arrived!

Some weeks and months ago the gathering started. I did some long research, read blog posts and found very much helpful stuff. As you can read on my homelab page here, my lab evolved. It all started with VMware Workstation, then I recycled my old gaming rig, I’ve added some real servers and storage, and now, today, I’m announcing the arrival of totally brand-new and shiny homelab hardware!

With this blog post, I’m starting a small series featuring my new homelab. In this very first post, you’ll get the BOM (Bill of Material), so you know exactly what happened. In the next posts, I’ll show you how I’ve set it all up and for what I’m using it.

Basic idea

Instead of having huge servers to heat the basement, I’ve planned to reduce my own data center footprint as much as possible. Ideally, everything related to my homelab should fit into a small 19-inch rack. A really small rack. This rack will be placed in my home office. Also, I want to run an all-flash VMware vSAN cluster with three nodes. I don’t want only two hosts and a witness appliance, even if it works and it is a fully supported concept for small- or branch offices. I want real beef. Each server should have one cache device and at least one SSD for the capacity tier. I went all-in and decided to go with two SSDs for capacity. All servers have to be connected with 10Gig SFP+ for vSAN and vMotion because I already own a 10Gig SFP+ switch (which wasn’t much used until yet). And all three servers should run as silent as possible. Sure, I’ve got headphones for gaming. But when the fans are constantly buzzing around and making noise, it’s not nice. And I’m

To conclude this:

  • Small data center footprint
  • Three node all-flash vSAN cluster
  • 10Gig SFP+ connectivity
  • Small form factor 19-inch rack
  • Silent operations because of home office placement

That’s pretty much it.

For what I’m going to use it?

First, I love hardware! But I’m not buying hardware just for the sake of buying it. I learn new stuff because I didn’t have much to do with Supermicro except reading about it. I’ll install all the vSphere stuff I currently have running, and maybe something more. All that for learning how things work and for my exam preparations. Yes, I don’t have a VCP yet. I tried it several times but failed miserably. But not the next time, for sure! Maybe I’m gonna put also some “production” stuff onto it, like my Pi-Hole (reverse DNS add filter) or my Ubiquiti controller. We will see.

Read moreNew homelab hardware arrived!

Veeam Vanguard Summit 2019 Prague – Day 3 Recap

CDP – Continous Data Protection

Anthony Spiteri kicks off the third and last day of the Vanguard Summit in Prague with CDP. It’s all about the filter driver. There are many competitors out which put their CDP solution out, but some of them still have issues sometimes, like pink screens of death when on the ESXi hosts. Veeam worked closely with VMware to get the stuff done right. Because when you’re going into the I/O stack with a data protection solution, you have to be sure what you’re doing.

CDP is a VMware-only available solution, there is no CDP for Hyper-V, at least not currently. That might change, but not soon. In Veeam you can leverage the usage of VMware tags for your data protection. You create backup jobs that will use these tags, and depending on these tags you’re able to protect your workloads with the needed RPO / RTO.

When you set up DCP in Veeam, Veeam will install the filter driver on a cluster base. You can’t install it on the host manually, Veeam does that for you but on a cluster base. With Veeam CDP there is an RPO as low as 15 seconds possible. For a restore, you can go back to either a restore point or go back with a slider to a specific point in time.

Write for us

Ilya Afanasyev is telling us more about the Veeam engagement in regards to a program for writers. It is called “Write for us” and it is not restricted to Vanguards only but all other tech people can take part in it. You chose a topic and apply for the program. Veeam will approve the topic (or maybe not) and then it’s your turn to create a draft. If the draft gets approved, your blog post gets published on the Veeam blog and you’ll get a revenue. A blog post brings you 200$ and a white paper is worth about 1000$.

If you’re interested to write some cool blog posts or even a white paper, then visit the “Write for us” program on the Veeam website for more information.

Read moreVeeam Vanguard Summit 2019 Prague – Day 3 Recap

Veeam Vanguard Summit 2019 Prague – Day 2 Recap

Containers and Veeam

David Hill introduces us to the topic of containers, and how Veeam can handle that. Containers make it possible to use less different operating systems. Today you’ve got patches and updates to install on your operating system, no matter if it’s Linux or Windows. With containers, it becomes a lot simpler.

It’s all about buzzwords. Being or getting cloud-ready, being cloud-native, and being it now. A few years ago it was the same with the cloud. Cloud did help to solve some problems, but some problems are still the same, just on a bigger scale. The same for containers. They will help to solve some problems, but some problems will still be problems, just on a different scale.

David explained some things about the statefulness of a container. Containers are good when they are used for what they are thought. But having just any kind of application containerized doesn’t work. When an application fails, and the container management spins up a new instance of that application, the application itself doesn’t know what happened. If you click save in WordPress for example, WordPress doesn’t know what you did before when the application crashed in the backend.

Cloud Tier

Andrew Zhelezko and David Hill are talking about the Cloud Tier. In Veeam, you can set up and define multiple types of backup repositories. You can have local disk storage, NAS, deduplication appliances, etc. You can even combine them in a Scale-out Repository. Now with the latest VBR version you’re even able to scale-out to the cloud with the usage of object storage. You’ve got nearly unlimited storage available in the cloud to store your backups. And in Veeam, that’s all policy-driven. Depending on your policy, Veeam does the automatic cloud-tiering to the object storage of your choice. And you can put that object storage also into a Scale-out Repository as a capacity tier.

That means that you might have some backups local, maybe because of compliance reasons or to meet a certain RPO/RTO time. Everything which is older than a specified time will be tiered out to the object storage.

A new feature is the Immutability of your backup files in the object storage. That means that you can lock the backups which are moved out to the cloud. That gives you protection against rogue admins or to have a certain level of compliance. No one can delete your backup files on the cloud storage. You can set the lock for a specific time, and during this time the backup files can’t be deleted. These settings have to be set on a specific S3 bucket.

Read moreVeeam Vanguard Summit 2019 Prague – Day 2 Recap