Virtualization has changed the face of enterprise computing, allowing unimaginable flexibility in resource provisioning, workload balancing and system utilization. But managing a contingent of virtual machine instances poses a new set of problems for IT administrators -- particularly when it comes to protecting, backing up and restoring VMs in a busy data center. It's easy to overlook the importance of protecting virtual workloads. In order to backup and restore VMs with minimal disruption, administrators must understand the unique challenges of virtual server backups, the scope of protection options available and the most common tools available to do the job.
Virtual backup challenges
Any VM backup strategy must include a careful consideration of the challenges and problems associated with traditional backup processes. Perhaps the most noteworthy problem is the impact of backups on system performance. Backing up a single application to a remote backup target (such as a disk array) can easily congest the local network, but backing up 10, 15 or more VMs simultaneously can cause serious LAN disruptions that may leave workloads inaccessible during the backup window. Some organizations might respond by staggering backups, but this only forces a longer backup window. In this scenario, the performance degradation isn't as great, but it's spread out over a longer time.
Performance degradation typically occurs because IT administrators treat each VM separately, installing a backup agent on each VM and initiating multiple simultaneous backups that impose incredible I/O demands. Modern virtual-server backups should use a virtualization-aware tool installed at the host or hypervisor level that can handle all the server's VMs as a single backup cycle.
Another critical issue is the VM state and the availability of each workload to users. In a traditional backup process, the hypervisor must tell the VM that a backup is taking place. This should ideally quiesce (pause) the workload and force the current VM state in memory to be written to disk before the backup process starts. This way, the backup would capture the latest machine state. If the hypervisor cannot quiesce the VM (perhaps because the backup tool is not virtualization-aware), the machine state on disk may not reflect the current machine state in memory -- which can also continue to change as the backup takes place. The result is a poor, essentially un-restorable backup that wastes time and effort.
These problems are exacerbated when there are many idle or unneeded VMs in an environment. Controlling VM sprawl not only will reduce investments in computing resources, but also will result in faster and more efficient backup cycles.
Modern VM backup options
There are numerous options available to protect VMs. IT professionals should take the time to consider the tradeoffs involved in each approach because some are better suited to virtualization than others.
One approach is offline backups, where a server's workloads are "quiesced" and a complete backup cycle is performed on all the workloads before the server is returned to normal operation. This approach works, but because the VMs are inaccessible during the entire backup window, it's a poor choice for an enterprise data center where workload availability is paramount.
Traditional backups use the same paradigms (even the same tools) that are applied to physical servers: A backup agent is installed in each VM, the VM is quiesced, and the backup cycle is executed for the VM. This approach also works and is largely independent of the underlying hypervisor, but each backup cycle imposes heavy I/O demands. In a virtual server where multiple workloads share the server's bandwidth, the I/O demands can impair the performance of other VMs. Executing multiple backup cycles simultaneously can devastate the server's performance. host-level backup tools can ease the performance impact by backing up the entire system and all its workloads as a single process. Still, traditional backups are not popular in the enterprise.
Some organizations try to overcome the computing overhead involved in backup processes through the use of a proxy server. For example, a server cluster may have two synchronized copies of a workload running in production. Rather than backing up the running VM, the backup software will back up the synchronized VM copy instead. Because the backup is actually running on the copy rather than on the original (main) workload, the backup I/O demands will not affect the main workload.
An increasingly popular approach to protecting VMs is the use of server- or console-based snapshots that allow the hypervisor to capture the VM's state in memory and store the copy of that memory image on disk (or even move it to tape). In many cases, snapshots can be executed very quickly -- often in a matter of moments -- and use relatively little disk space. This means snapshots typically are far less disruptive than more traditional backup approaches. Snapshots also can be restored from disk to memory very quickly. Snapshots are well suited for all but the most demanding enterprise applications.
Some hypervisors employ proxy servers to avoid the impact of virtual server backups on production applications. Using this method, the hypervisor directs the processing load onto a dedicated server or onto the backup server. If you're using the latest hypervisor technology, this method will deliver consistent virtual server backups with minimal load on the physical host and its applications. However, this option is not available for all hypervisors.
A final option is to deploy snapshot capabilities at the storage array. Since VMs typically use a centralized storage array (such as a storage area network or network-attached storage), this option eliminates backup processing from the server entirely and leverages the storage array to create backups to other disk groups within the array -- or to other local or remote storage arrays. Many modern storage arrays are built with snapshot or replication capabilities as a native feature of the device.
It's important to note that these backup approaches are not mutually exclusive and can be mixed within the same environment to meet the unique needs and limitations of any business. For example, a business might employ server-based snapshots to a storage array for one level of protection, then use array-level snapshots to provide a secondary backup for disaster recovery purposes.
Backup tool choices and considerations
There are countless backup software tools ranging from simple tools for small and medium-sized businesses to sophisticated, full-featured, enterprise-grade tools. Some notable examples of backup tools for virtualized servers include Acronis Backup and Recovery 11 Virtual Edition, PHD Virtual Backup v6.0, Quest vRanger 5.5, Thinware vBackup, and Veeam Backup and Replication v7. Regardless of the specific tool, however, there are three backup tool characteristics that every IT professional should consider.
First, look for agentless tools that can create images or file stores across a range of media (such as disk arrays, tape systems, optical storage and so on). The backup server should integrate with the current hypervisor platform (such as vSphere, Hyper-V or XenServer) and exist as its own VM. If you're using multiple hypervisors, be sure that the tool will function properly across multiple hypervisors. Common tools can create traditional backup packages along with snapshots that can be directed to local or remote storage targets.
Second, consider the restoration capabilities and application-awareness of the backup tool. This can make the difference between recovering individual files or emails versus having to restore an entire application. For example, a backup tool that is suited for Microsoft Exchange might allow recovery of individual emails without having to restore entire mailboxes.
Third, organizations that are subject to industry or government-level regulatory compliance, or have other security concerns should consider encryption capabilities to guard the backup against loss or theft.
Virtual server backups remain an essential part of any organization's data protection strategy, but the tools have evolved and options have expanded significantly. IT professionals must understand the implications of modern backup approaches and appreciate the importance of critical features in order to sort through the bewildering array of choices and select the backup product that meets the unique needs of each virtualized data center.