VMware backup

Before you begin configuring the backup job, keep in mind that you have to balance the load equally in the source and target because if backups are triggered simultaneously, it will cause the backup job to run slower, the reason being the disk will be accessed at the same time by different jobs.

There are five steps in VMware backup configuration. The section below explains the working of each functionality along with the guidelines.

• Configuring Virtual Machines
• Guest Processing
• Scheduling Backup
• Settings
• Reviewing your selections

Configuring Virtual Machines

• Read this section for more - Step 2 - VMware Backup

Exclusion

• You can exclude a particular Disk type either at the host level or VM level using Disk Exclusion option. In the Exclude Disk(s) tab, you will find the configured host(s) listed. If you have selected Host Level backup, you might want to exclude a specific set of VMs from the backup process. Such VMs can be excluded using the VM(s)/Disk(s) exclusion option.

Working

• The details regarding the exclusion configuration will be stored in the exclusion_details database.
• The following will be checked -
• Disk Type (IDE, SCSI, SATA) with their control location and control number
• Exclusion Level (Host or VM Level)
• Exclusion Type
• The list of disks that are available in the VM will be checked. For example, VM (0:0, 0:1, 0:2) these disks availability will be checked and excluded before the backup data is sent to the Vembu BDR backup server.

Guest Processing

Read this section for more - Step 3 - VMware Backup

Application-Aware Image Processing

• You can enable Application Aware Settings for your Guest OS Machines. This feature provides data consistency for the applications (MS Exchange Server, MS SQL Server, MS SharePoint Server, MS Active Directory) that reside in the VM.
• Refer our documentation for further explanation on the steps involved while you configure Guest Processing - Read here
• In Windows environment, Vembu BDR backup server connects to the guest OS through the IP address obtained from the VMware tools. It then performs the guest processing if application-aware is enabled.
• You must provide Guest OS credentials if you have enabled the Application Aware Settings. Vembu BDR backup server verifies the credentials, in case the credentials are wrong, your backup will fail.

We recommend you to provide the correct credentials for Guest OS machines.

How Application-Aware works

• Vembu BDR backup server checks if the Appwareguestool.exe file is already present in C:\Windows.
• If the .exe file is already present, the file will be removed and pushed again. The tool installation will happen, this is the pre-read and write process.
• This process ensures the writer stability. From the C:\ Windows location, Appawarestatus.txt file will be read to check if the status is stable or not. The log truncation takes place after this.
• Regarding the sizing, no special guidelines are required. Ensure free space in each drive for VSS Snapshot.
• No ports are necessary to be open between the Vembu BDR backup server and VM for Guest OS processing.
• A user account for application-aware image processing should have administrator privileges on the guest OS.

Make sure there is space in the VM drive in which the VSS Snapshot functionality is performed.

The following versions of Microsoft Exchange Server are supported:

• Microsoft Exchange 2016
• Microsoft Exchange 2013 SP1
• Microsoft Exchange 2013
• Microsoft Exchange 2010 SP1, SP2, or SP3

The following versions of Microsoft SharePoint Server are supported:

• Microsoft SharePoint 2016
• Microsoft SharePoint 2013
• Microsoft SharePoint 2010

The following versions of Microsoft SQL Server are supported:

• Microsoft SQL Server 2016
• Microsoft SQL Server 2014
• Microsoft SQL Server 2012
• Microsoft SQL Server 2008 R2
• Microsoft SQL Server 2008

The following versions of Microsoft Active Directory are supported:

• Microsoft Windows Server 2016
• Microsoft Windows Server 2012 R2
• Microsoft Windows Server 2012
• Microsoft Windows Server 2008 R2
• Microsoft Windows Server 2008

Configuring Backup Schedule

• When you trigger a backup job for the first time, a full backup will be performed. The backup data is read as a whole (irrespective of changed files) and is stored in your storage repository. The data will be compressed and when a new full backup is triggered, a completely new backup chain will be formed.
• We have three options for scheduling your VMware backup, they are - Run Every, Run Daily, Run Weekly. Schedule frequency begins from 15 minutes, select this option only for your critical VMs as RPO will be less than 15 minutes.
• Read more on configuring backup here - Step 4 - Configuring Backup Schedule

Configuring Settings

Read more on Settings - Step 5 - Settings

We recommend you to use separate storage for backup jobs. Do not combine your backup data with production data.

We do not recommend choosing the OS partition as a storage repository.

Retention

• If you have configured retention policies, the previous full backup can be purged if they match the retention settings. Note that the incremental backup will be generated based on the changes that happen in the initial full backup and depend on them. Once the full backup schedule is completed, the incremental backups will start. They will be stored in the storage repository as an SGCF file (Chunk).
• The backup data is stored in the storage repository in a compressed format. The backup data is compressed so that the amount of data transferred across the LAN is reduced. The compression takes place at the block level using the AES-256 bit algorithm. By default, compression will be enabled.

We do not recommend you to disable compression.

• If your aim is to store space more efficiently, you can opt for the Forever Incremental process. In this process, only one full backup will be created (FBM) and from there on, only incrementals will happen.
• Since there is only one full backup created in the storage repository, you save a lot of space. Based on the previous incremental file the next incremental file will be created thereby maintaining the backup chain.

We do not recommend you to use this method if you make changes too frequently as the merge process takes time.  

Encryption Best Practices

• Encryption protects your data from unauthorized users and intruders. Using the AES-256 bit encryption algorithm, your backup data will be encrypted both at rest and on the fly. Without the encryption key, access to the backup data will be blocked. This ensures your backup files are secure.
• By default, your backups will be encrypted using the system-generated password even if Encryption is disabled. You can opt to a custom password for extended data protection and you will be required to provide it during recovery. Opting to the custom password will disable integrity check from being performed automatically.

You must configure encryption if -

• Your backup data can be easily accessed by intruders
• If you are configuring offsite copy
• If your organization's policy includes configuring encryption

We do not recommend using the same name for Password and its hint to avoid security issues.

You can configure encryption in two ways -

• When you configure the backup schedule
• From the Settings tab - Data Encryption.

Do not configure encryption if your backup jobs must run fast.  

VMware Backup Anatomy

• When you complete configuring the backup schedule, the CBT reset process takes place. The VM will be validated for the backup process. The Vembu BDR backup server creates a snapshot and using the CBT, the disk information of the VM will be processed.
• Post this the Application Aware operations will be triggered directly from the Vembu BDR backup server.
• The backup proxy reads the backup data, one option is to let the Vembu BDR backup server choose the backup proxy automatically, or choose the backup proxy for your configured backup.
• The backup server provides details about the VM to the backup proxy so that the read process begins. The read process, compression, and encryption will happen after this. The data is transferred to the backup server and the connection is closed successfully.

We recommend you to ensure that your backups utilize the available disk space efficiently.

The working of VMware backup is explained with the help of an architecture diagram below