TSM for Virtual Environments Data Protection for VMware

© 2011 IBM Corporation

Data Protection for VMware

Wolfgang Hitzler

Agenda

Introduction

TSM for Virtual Environments 6.2

Traditional In-Guest Backup and Recovery Model

Install a backup agent in the guest OS and manage like a physical server

Disadvantages

►

Deploying, managing, maintaining ‘backup agent sprawl’

►

Impacts processor, memory, I/O resources on host

►

Data movement limited to LAN

Tiered Storage

VMware ESX / ESXi Server

TSM Backup Archive Client VMware Backup

VCB/vStorage API

vStorage API

No

2

Yes

6.2.2

TSM Version In-guest

backup

On-host backup

(ESX /Linux B-A)

Off-host backup

(file)

Off-host backup

(full-VM)

5.2

Yes

Yes

technology not

available

technology not

available

5.3

Yes

Yes

VCB (experimental

1

via integration

module)

VCB (experimental

via integration

module)

5.4

Yes

Yes

VCB (via

integration module)

VCB (via

integration

module)

5.5

Yes

Yes

VCB

VCB (via

integration

module)

6.1

Yes

Yes

VCB

VCB

6.2

Yes

Yes

vStorage API

VCB

6.2.3/TSM4VE

Yes

No

2

_{vStorage API}

_{VCB/vStorage API}

1

_{TSM 5.3 was certified with VCB and integration modules by VMware but not by IBM}

TSM VMware Update

Dec 2010

TSM 6.2.2 B/A Client - Full VM block level backup / restore (all VMware

supported guest platforms) from B/A client running on Windows and

integrated with vStorage API for Data Protection (VADP)

1Q2011

VE 6.2 Announced: February 22

http://www-01.ibm.com/common/ssi/rep_ca/8/897/ENUS211-028/ENUS211-028.PDF

TSM 6.2.3 B/A Client - Adds block level incremental backup (enabled with TSM

for Virtual Environments license)

TSM for Virtual Environments 6.2 - Data Protection for VMware Recovery

New TSM for Virtual Environment component enhancing the Backup-Archive client support

Support multiple recovery options from VM image-level backups by exploiting VMware’s vStorage APIs for

Data Protection including change block tracking

New TSM for Virtual Environment component enhancing the Backup-Archive client support

Support multiple recovery options from VM image-level backups by exploiting VMware’s vStorage APIs for

Data Protection including change block tracking

Tivoli Storage Manager

Storage Pool

TSM for VMware

Windows centralized

backup server*

Backup VM

image

full or incremental

changes

TSM for Virtual Environment – VMware Integration

1

Mount image directly from TSM

disk

storage pool,

expose it locally or using an iSCSI target interface

2

3

Restore single file directly to guest

(or any other target)

Added Value

Single source backup

Incremental backup

File-level recovery from any OS

Near-Instant volume restore

Added Value

Single source backup

Incremental backup

File-level recovery from any OS

Near-Instant volume restore

New TDP

vS

to

ra

g

e

A

P

I

*Centralized backup server can be a physical or virtual machine

New

New

B/A Client: Full-VM Backup with Streaming and Changed Block Tracking

VM1

/a

D:

C:

VM2

VMFS

ESX/ESXi Server

SAN Storage Subsystem

vmdk

vmdk

vmdk

SAN

TSM Server

1. TSM client initiates

snapshot of virtual guest

volumes and backups control

information (vSphere API)

Snaps VM1

2a. Full Backup: TSM agent moves

all used data blocks from snapshot

(vStorage API for Data Protection)

or

2b. Incremental backup (enabled with

VE): TSM agent moves changed

blocks reported by VMware Changed

Block Tracking

TSM for Virtual Environments 6.2

Backup

Server

•

Centrally managed data protection for VMware hypervisors.

Remove requirement for deployment of agent within each VM

guest.

•

Quick and efficient incremental block-level backups utilizing

VMware's vStorage APIs for Data Protection and Changed Block

Tracking (incremental and content aware backups)

•

Automatic discovery and backup of newly created virtual

machines

•

Capability to offload backup workload to one or more vStorage

backup servers

•

Non-disruptive snapshot at the virtual machine image level to

help minimize disruptions to virtual guests

•

Multiple recovery options from single-source image-level

backup

•

Granular file level recoveries

•

Near-instant volume recoveries

•

Full virtual machine recoveries

•

Integrate with TSM capabilities

• Data reduction (compression and deduplication) to

reduce network and storage capacity requirements

• TSM server scalability and storage pool management

• LAN or SAN data paths to TSM server

• Common / centralized approach for physical and virtual

environment

VMware ESX / ESXi Server

TSM for Virtual Environments 6.2 Components

vStorage Backup Server

►

Machine where the B/A client is installed

►

VM guest machine or off-host physical machine

6.2.3 B/A Client

►

Installed on 1 to n vStorage backup servers

►

vStorage backup server can host 1 to n B/A client instances.

6.2 Data Protection for VMware Recovery Agent

►

Centralized file-level restore for Windows and Linux

►

Individual VM guest file-level restore and instant volume restore

B/A Client: Off-host Backup Deployment

The vStorage Backup server can be a physical server

Offloads backup processing from ESX host

High performance configuration that can utilize SAN data path

Data path configurations

►

VADP: LAN or SAN

►

TSM API: LAN or SAN

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

vStorage

Backup

Server

Backup

Server

vStorage

_{API (VA}

DP)

Virtual Disk

Volumes

B/A Client: In-Guest Backup Deployment

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

Backup

Server

VAD

_P

Virtual Disk

Volumes

The vStorage backup server can be a virtual machine

►

No additional HW needed

►

Use ESX host resources for backup

►

Data path configurations

–

VADP: LAN or Hot Add

–

TSM API: LAN

B/A Client – Block Level Backup with VADP

Supported Environment

►

Backs up all VMware supported guest-OS platforms

►

B/A client running on vStorage Backup Server: Windows 2003, Windows 2008,

Windows 2008 R2 (32 and 64 bit)

►

TSM Server Levels: 5.5, 6.1 and 6.2

►

vSphere 4.0 and 4.1 (ESX/ESXi) and VI3 (ESX/ESXi 3.5)

►

Recommend VMware vSphere 4 and 4.1 (ESX / ESXi) and VM’s at HW level 7

(required to utilize Changed Block Tracking)

VM data accessed via vStorage / vSphere APIs

►

No staging area required on vStorage backup server

►

Changed Block Tracking

●

_{Incremental backups (with periodic fulls) – No scan of guest OS file system}

●

_{Content aware backup only processes used areas of disks}

VMotion aware

Complete full snapshot of ‘live’ (running) virtual machine

●

_{Windows utilizes VSS}

●

_{Pre / post snapshot support available (VMware tools)}

B/A Client Full VM Backup – vStorage API

1.

BA client uses vStorage API Data

API contacts VMware (vCenter, ESX, etc)

2.

Invokes vmtools on guest

3.

ESX creates Snapshot

No staging disk on proxy (re. VCB support)

4.

B/A client captures configuration information

5.

B/A client reads VMDK (full or inc) via VADP

6.

B/A client sends backup data to TSM server via TSM API

Multiple objects including control info for each VMDK

Grouped on TSM server in \VMFULL filespace

Different filespace name on server from VCB backups

B/A Client: Installing VADP Support

1. Select Custom Install

B/A Client – Configuration

Recommendation: Use Preference Editor in B/A Client GUI (i.e. dsm)

Configure communication with vCenter / ESX

●

_{VMFULLTYPE = VSTOR}

●

_{VMBACKUPTYPE = FULLVM}

●

_{VMCHOST: specifies where to connect}

●

_{VMCUSER: vCenter / ESX Administrator ID}

●

_{GUI preferences editor / command “dsmc set password -type=vcb host userid}

password”

Auto discovery and backup of VM guests

●

_{DOMAIN.VMFULL defines guest to process for full VM backup. Options include}

VMHOST, VMFOLDER, ALL-WINDOWS, ALL-VM

●

_{VMLIST can be used to specify list of VM’s based on VMware display name}

Management Class / Copy Group

●

_{VMMC (optional use of VMCTLMC for tape configurations)}

●

_{Storage pool destination}

●

_{Retention policy based on full backups (i.e. associated incrementals are expired}

based on policy applied to full) : VEREXISTS and RETAINEXTRA

Example TSM Node Definitions

VM1

Guest

Machines

VM2 VM3

Host

Machine

ESX1

VMFS

DataStore

VM4

Guest

Machines

VM5 VM6

Host

Machine

ESX2

VMFS

DataStore

dsm/dsmc node=DM2 asnode=DC1 vmchost=ESX2 dsm/dsmc node=DM1 asnode=DC1 vmchost=ESX1

vStorage Backup Server

VMware Target Node Name = DC1 Filespaces for DC1 VM1 VM2 VM3 VM4 VM5 VM6

DB2 Database

Disk storage pool

TSM Server

B/A client instances running on vStorage Backup Server

Organization of

VM’s in TSM DB

VMware Datacenter (DC1) = ESX1 and ESX2

Recommendation

• Configure 1 TSM VMware target node to map to 1 VMware Data Center

• For additional throughput, consider using more than one dsmc instance on a single vStorage

Backup server.

Example Schedule Definitions

DM1

DC1

DM2

Schedule Definitions

One schedule for full backup and one backup instance / esx server

One schedule for incremental backup and one backup instance / esx server

Full VM Backup

define schedule vmdomain vmschedfullesx TYPE=CLIENT

ACTION=BACKUP SUBACTION=VM OPTIONS=’-ASNODENAME=dc1

–MODE=FULL’ STARTDATE=mm/dd/yyyy STARTTIME=hh:mm

SCHEDSTYLE=ENHANCED DAYOFWEEK=SATURDAY

define association vmdomain vmschedfullesx1 dm1, dm2

Incremental VM Backup

define schedule vmdomain vmschedincesx TYPE=CLIENT

ACTION=BACKUP SUBACTION=VM OPTIONS=’-ASNODENAME=dc1 –MODE=INC’ STARTDATE=mm/dd/yyyy STARTTIME=hh:mm

SCHEDSTYLE=ENHANCED

DAYOFWEEK=SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY

define association vmdomain vmschedincesx dm1, dm2

TSM Client Definitions

dsmcutil inst scheduler /name:"TSM Client Scheduler1" /node:dm1 /password:dm1pass

/clientdir:"c:\tsm\baclient" /optfile:"c:\tsm\dsmdm1.opt" /autostart:no /startnow:no

dsmcutil inst CAD /name:"TSM Client Acceptor1" /optfile:"c:\tsm\dsm.opt1“

/cadschedname:"TSM Client Scheduler1" /node:dm1 /password:dm1pass /autostart:yes

dsmcutil inst scheduler /name:"TSM Client Scheduler2" /node:dm2 /password:dm2pass

/clientdir:"c:\tsm\baclient" /optfile:"c:\tsm\dsmdm2.opt" /autostart:no /startnow:no

dsmcutil inst CAD /name:"TSM Client Acceptor2" /optfile:"c:\tsm\dsm.opt2“

/cadschedname:"TSM Client Scheduler2" /node:dm2 /password:dm2pass /autostart:yes

Tape Configuration

TSM server

Disk storage pool for meta-data

JOB1 MBLK0000.CTL JOB1 MBLKnnnn.CTL JOB1 BITMAP.DAT JOB2 MBLK0000.CTL JOB2 MBLK0003.CTL JOB2 BITMAP.DAT

JOB1 is full backup of VMDK JOB2 is incremental (only blocks in MBLK0000 and MBLK0003 changed)

DB2

Database

Disk 0 MBLK0000 MBLK0001 MBLKnnnn MBLK0002

B/A

Client

JOB2 MBLK0000.DAT JOB2 MBLK0003.DAT JOB1. MBLK0000.DAT JOB1 MBLKnnnn.DAT …\vmname.OVF …\vmname.OVF

Tape Storage Pool for data

VMMC

VMCTLMC

Policy based on management class specification

Client option (VMMC) or default MC

Placement: copy group DESTINATION

Retention: copy group VEREXISTS & RETAINEXTRA

B/A Client: Full VM Recovery

Full Virtual Machine Recovery (any supported Guest OS)

1. Administrator

launches B/A client

to restore VM from

vStorage backup

server and selects

recovery point.

Note – can use new

name to clone VM

2. B/A client will

coordinate the

restore with

ESX/ESXi server

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

TSM

Restore - FULL/INCR - VSTOR/VCB - Display name

VSTOR - FULL/INCR – display name

Query VM

Data Protection for VMware Recovery Agent

Mount

►

Quickly mounts a snapshot, as a partition of ISCSI target device

from the TSM server

►

Mounts snapshots without actually restoring the files to guest

►

Interfaces: GUI and CLI

Instant Restore

►

Restores volume to guest (non-OS volume)

►

Enables on demand access to data while the volume is being

restored

Data Protection for VMware Recovery Agent: Installation

Mount and Instant restore will be packaged as part of TSM for

Virtual Environments 6.2

Two separate installation packages

●

_{Windows (32 and 64 bit)}

●

_{Linux (32 and 64 bit)}

Windows package installed on vStorage backup server (with

6.2.3 B/A client) or on Windows VM guest.

Linux package installed on off-host Linux machine or on Linux

Data Protection for VMware: File Recovery

File Recovery from Partition Mount (Windows and Linux)

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

TSM

Server

1. User launches Windows or Linux Data

Protection for VMware Restore Agent to mount

partition

•

a. Enters TSM node name for

authentication with TSM server

b. Select VM, recovery point and disk

•

c. Select partition mount / partition

2. Volume is presented to local system (if off-host

mount, make volume available to VM guest)

3. User copies files (files restored from TSM

storage pool)

Agent Deployment

Linux and Windows install

packages

1. In-guest for VM user

initiated restore

Data Protection for VMware: File Recovery

File Recovery from iSCSI Mount (Windows and Linux)

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

TSM

Server

1. User launches Windows DP for VMware Restore Agent

a. Enters TSM nodename for TSM server authentication

b. Selects VM, recovery point and disk

c. Selects iSCSI mount

d. Enters iSCSI target name and VM guest iSCSI

initiator name

2. From VM guest, user invokes iSCSI initiator to discovery

and log into iSCSI target.

3. For Linux, user issues mount command (Windows can

automatically discovery new target)

4. User copies files (files restored from TSM storage pool)

Agent deployment:

Widows install

Data Protection for VMware: Instant Restore

Instant Restore of Volume (Windows and Linux)

VMware ESX / ESXi Server

Hypervisor

Virtual Machines

TSM

Server

•

1. User launches DP for VMware Restore Agent

•

Authenticates with TSM server

•

Selects VM, recovery point and non-OS volume

•

2. Volume restore background process initiated

•

3. Data restored on-demand based on access

•

(while background restore in process)

Tape Restore Considerations

B/A Client Full VM Restore

Physical tape or VTL – Fully Supported

DP for VMware Recovery Agent – Mount

Physical tape or VTL- Supported with limitations (re. tech doc being

created to discuss details)

DP for VMware Recovery Agent – Instant Restore

VMware Transport

VMware Transports(SAN, hotadd, NBDSSL, NBD) - VMVSTORTRANSPORT option

Use the VMVSTORTRANSPORT option with the backup VM or restore VM command to specify the

transport to be used with the vStorage API for Data Protection(VADP). The transport determines how

VADP accesses virtual disk data. Valid transports include any order or combination of san, hotadd,

nbdssl, and nbd separated by a colon. The first transport in the list that is available in the environment

will be used. NBD or network based data transfer is the LAN transport and should be available in all

environments. It is not necessary to set this option. The default value is to use the VADP order which is

currently defined as "san:hotadd:nbdssl:nbd". This option is passed directly to the VADP API.

Place VMVSTORTRANSPORT option in the client options file (dsm.opt). Some common examples:

Current default order of transports when none is specified.

VMVSTORTRANSPORT san:hotadd:nbdssl:nbd

When SAN path is temporary unavailable fail the backup so as not to impact LAN.

VMVSTORTRANSPORT san

Disable the use of hotAdd when running backup server inside VM.

VMVSTORTRANSPORT nbdssl:nbd

1. Activate Instant Restore

2. Background Process

restores blocks gradually

3. Write IOs are performed as usual

4. Read IOs from un-recovered

areas create restore on demand

5. All other reads are performed as usual

TSM

Server

Guest

Machine

New Production

Disk

New Guest

Machine

Typical Production

Disk

Instant Restore

Instant Restore allows users to start

using applications on the same disk

to which the volume is being

restored, while the restore operation

is still in process.

Off-Host File Level Restore

(Windows)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

Off-Host File Level Restore

(Linux)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

In-Guest File Level Restore

(Windows)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

In-Guest File Level Restore

(Linux)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

In-Guest Instant Restore

(Windows)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

In-Guest Instant Restore

(Linux)

ESX Server

…

VMWare vSphere 4.0 Infrastructure

Off-Host iSCSI Target

ESX Server

…

VMWare vSphere 4.0 Infrastructure

Trademarks and disclaimers

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries./ Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. IT Infrastructure Library is a registered trademark of the Central Computer and Telecommunications Agency which is now part of the Office of Government Commerce. ITIL is a registered trademark, and a registered community trademark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office. UNIX is a registered trademark of The Open Group in the United States and other countries. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates. Other company, product, or service names may be trademarks or service marks of others. Information is provided "AS IS" without warranty of any kind.

The customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer.

Information concerning non-IBM products was obtained from a supplier of these products, published announcement material, or other publicly available sources and does not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance numbers are taken from publicly available information, including vendor announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other claims related to non-IBM products. Questions on the capability of non-IBM products should be addressed to the supplier of those products.

All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. Some information addresses anticipated future capabilities. Such information is not intended as a definitive statement of a commitment to specific levels of performance, function or delivery schedules with respect to any future products. Such commitments are only made in IBM product announcements. The information is presented here to communicate IBM's current investment and development activities as a good faith effort to help with our customers' future planning.

Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput or performance improvements equivalent to the ratios stated here.

Prices are suggested U.S. list prices and are subject to change without notice. Starting price may not include a hard drive, operating system or other features. Contact your IBM representative or Business Partner for the most current pricing in your geography.

Photographs shown may be engineering prototypes. Changes may be incorporated in production models.

© IBM Corporation 2011. All rights reserved.

References in this document to IBM products or services do not imply that IBM intends to make them available in every country.

Trademarks of International Business Machines Corporation in the United States, other countries, or both can be found on the World Wide Web at