SEP sesam backup client for VMware vStorage API
From SEPsesam
(C)SEP AG
Copyright 1999-2011 by SEP AG. All Rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.
Contents |
Introduction
The SEP sesam extension for VMware vStorage APIs for Data Protection (VADP) provides hot backups of Virtual Machines (VMs) running on VMware ESXi servers. Consistent backups are achieved by creating a snapshot of virtual machine and transferring data of virtual disk (VMDK) files directly to the SEP sesam Server or SEP sesam Remote Device Server. If a storage network environment is configured properly data can be transferred from ESXi server to SEP sesam Remote Device Server directly over SAN to avoid network traffic.
Advantages
- No workload on the ESX Server
Disadvantages
- Virtual machines must be on a SAN storage device to avoid data transfer over network
System requirements
- vSphere Infrastructure 4.1 and higher
- SEP sesam Server version >= 4.0.5.x (for VSphere 5 support)
- One Windows 2003 SP2/2008 server operating as SEP sesam DataMover for VMware vSphere. The vCenter Server can play this role or any another Windows server.
- The following packages and modules have to be installed:
- PowerShell 2.0
- VMware Virtual Disk Development Kit (VDDK) version 5
- SEP sesam Client package version >= 4.0.5.x (Server-, GUI- or RDS- package will work too).
| ESXi |
|
ESXi free is the free VMware Hypervisor. Because it doesn't include VMware vStorage, it couldn't be saved by SEP sesam VADP client. |
Functional principle
To run a SEP sesam backup and restore in a vSphere environment with vStorageAPI a SEP sesam Client is necessary. This functions as a SEP sesam DataMover (central communication element) between SEP sesam Server and VMware vSphere Farm.
The arrows in the illustration show the direction of the connection establishment. After, data certainly flows in both directions.
The initial communication goes from the SEP sesam Server to the vCenter Server. For this the vCenter Server has to be registered as a client in the SEP sesam environment. Communication for browsing starts over the SEP sesam control port 11301 (1) and goes to the vCenter Server. This means that when setting up a backup task you're always shown the file structure of the vCenter first. Now if the VMware vSphere branch is chosen, the https-connection (2) from the SEP sesam Server to the vCenter Server is started. Here, all virtual machines are identified and displayed.
When SEP sesam Server starts the backup it initiates a SEP sesam control connection (Port 11301) to the datamover (3). The datamover connects over the open source LIBVIRT library via https to the vCenter Server (4). There all parts of the virtual machine that are going to be backed up are identified. Now before a new SEP sesam backup snapshot is created all possibly still existing old SEP sesam backup snapshots are deleted. After taking the snapshot the datamover establishes a connection via the VMware VDDK on port 902 (6) to the ESXi server, where the VM that is being backed up, is hosted. Now the files of the VM are transferred from the ESXi server over the VDDK to the datamover and then further over the SEP sesam Transfer Protocol (7) to the SEP sesam Server where they are saved onto a medium of the chosen media pool.
For restores the way is the same except backwards.
vCenter Server, Data Mover and SEP sesam Server can run on the same machine.
If Data Mover runs virtualized on the Data Center from which VMs should be saved, SAN backups will not work.
Restrictions
| Restrictions |
|
Installation
- Install at least SEP sesam Client package for Windows on vCenter Server.
- Install at least SEP sesam Client package for Windows on another Windows server acting as Data Mover.
- This is not necessary, if vCenter or SEP sesam Server will be used as DataMover
- Download the VMware VDDK package from VMware homepage and install it on the DataMover.
VDDK installation on Windows x64
VMware VDDK will be installed for x86 environment. The necessary x64 libraries can be found as a ZIP file in the VMware program directory after the installation.
A PowerShell script to install these libraries and set the registry key correctly is included in the SEP sesam package.
To do this, a PowerShell environment has to be installed.
- Login on the DataMover
- Open the
<SESAM_ROOT>/bin/sesamdirectory (SEP sesam Server, SEP sesam RDS) respectively the<SESAM_ROOT>/skeldirectory (SEP sesam Client) - Execute the set_vddk64.ps1 script (In the PowerShell command line .\ hast to be prefixed)
| Attention |
|
To execute PowerShell scripts, the execution policy has to be set to "RemoteSigned". Also read No PowerShell script becomes executed on a destination machine. |
Options
Instead of installing a separate Windows Server as the DataMover, the vCenter Server or the SEP sesam Server can also be used as the DataMover. If this is the case the VMware VDDK has to be installed on that machine.
If the SEP sesam Server is supposed to be used as the DataMover it has to run on a Windows operating system.
Recommendation
The image above shows a configuration example. Due to limitations of the VMware vStorageAPI when the SEP sesam DataMover is simultaneously accessing the DataStore of a VM that is located on the same ESXi host, we recommend using a physical server. In this case Windows Server 2003 as well as Windows Server 2008 with 32- or 64-bit architecture can be used.
If the vCenter Server is physical machine as well - as shown in the example - both systems can be combined.
Configuration
Configuration in SEP sesam GUI
- Configure Virtual Center server in the SEP sesam GUI as a normal Windows client.
- Select the check box Client is a vCenter Server
- Add a vCenter user name and password in the vCenter Access tab
- Select a data mover, if the vCenter Server is not supposed to transfer the backup data
Backup
In the SEP sesam GUI create a new backup task with task type VMware vSphere. The VM name (backup source) can be selected with the client file system browser under VMware vSphere.
The backup source has the following format: /<data center>/<display name of VM>
Example:
/<data center>/<VM name>
VM SEP-DC01 in data center esxixfix:
Source=/esxixfix/SEP-DC01
Exclude of VMDKs
One or several VMDK files (VM partitions) can be excluded from backup by specify complete path or symbolic link in exclude option. These values have to be inserted manually in the exclude field. The symbolic names reference the order of partitions in the virtual machine definition.
The 1st partition is vmdk0, the 2nd is vmdk1, and so on.
Transport modes
In the vStorageAPI there exist several transport modes for transferring the data from the VMware datastore to the backup device.
- SAN
- To use SAN as transport mode during backup, VMDKs of VM must be on a SAN device, which can be accessed with the SEP sesam data mover.
- HOTADD
- Back up virtual disk files on any shared storage or local storage. If this transport mode can be used is depending strongly on the VMware vSphere environment configuration.
- NBD
- The Network Block Device mode transports the data over the regular LAN
- NBDSSL
- Same way like NBD, but the data will be encrypted by SSL.
By default, the following order is set in the vStorageAPI: san:hotadd:nbdssl:nbd. Using the backup option trans, the transport mechanisms that are to be used by the vStorageAPI can be forwarded with the backup task:
Example in the tab Options 1 in Backup options:
-a trans=nbd:nbdssl
Here, the data stream is set to travel via LAN, regardless of encryption.
Restore
The restore can be started with the regular SEP sesam restore wizard.
- All vCenter Servers that are configured as SEP sesam Clients can be selected for restore.
- The according Data Centers and ESXi servers can be selected.
- If different login credentials are needed SEP sesam will ask for them.
- If vCenter is not set, the restore will be done directly over the ESXi server
Select the according restore task and confirm the selection with <Next>.
On the page Save and Start of the restore wizard, the valid VMware infrastructure values for the backup are shown. If the VM is not supposed to be backed up to its original state, different existing values for VMware Datacenter, ESXi server and VMware DataStore can be selected. If necessary, you'll be asked to enter the valid users/passwords to authenticate to the vCenter and to the ESXi Server.
Additionally it is possible to verify the login information with the <Check>-button. If clicking the <Check>-button doesn't cause a login dialog to appear, the stored information is valid.
If the option Overwrite is set, an existing VM with the same name will be deleted before the restore starts
Trouble Shooting
Message: libvir: error : internal error Missing essential config entry 'XXXXX'
Reason
- There is an invalid entry in VM configuration (like missing CDROM image file).
Solution
- Remove or correct configuration
Message: VIX_E_FAIL
- Error occurs during backup of 2nd VMDK.
Reason
- timeout in vCenter connection
Solution
- Update VDDK library to version 1.2.1
Message: VIX_E_FILE_NOT_FOUND respectively VIX_E_FILE_ACCESS_ERROR respectively You do not have access rights to this file
Reason
- Could not quiesce the guest system
Solution
- Have a look at this VMware article: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1031298.
Otherwise start backup with option -a qui=0. As a result of this option the involved system boots in normal state and shows message regarding safe boot.
Backup fails with error:
sbc-1500: Error: Create VDDK configuration file failed: C:\Program Files\SEPsesam\var\tmp\\_vadp_\vddk.ini: No such file or directory
Reason
- tmp/_vadp_ hasn't be created
Solution
- after first backup, directory exists and error doesn't occur any more.
