Backup and Restore Exchange on VMware using NetBackup – Part1
In this blogging series we will explore how we can protect MS applications installed on VMware using NetBackup, this part will be the first and will explore how to configure NetBackup to protect Exchange 2013 installed on VMware ESXi 5.5
Although it might look straight forward, it is not that straight forward, you must understand some requirements and prerequisites in order to protect MS applications installed inside VMware VMs using Symantec NetBackup.
This lab will assume that you have:
- 1 Domain Controller installed.
- 1 Server running ESXi 5.5
- 1 Server running Exchange 2013 installed on a VM on the ESXi host.
- 1 Server running NetBackup Software for Windows (the configuration should be different on Linux installation).
So let us get started:
Symantec Netbackup 7.6.x can protect VMs and perform VM level backup using offloaded backups to VMware backup host, this backup method can accelerate backup and offload the backup load from the server.
Backups that are performed at the VM level are quiesced for VM consistent backup using VSS, additionally you can perform backup while the machine is running using VMware Snapshot technology.
Often times, MS gurus mix with using snapshots for VM protection and using Snapshots to perform backups, I believe that no one can explain it better than AbdulRasheed , he wrote a great article about it here http://www.symantec.com/connect/blogs/nuts-and-bolts-netbackup-vmware-virtual-machine-snapshots-backing-business-critical-applicatio
So in summary, using snapshots for backups is not the same as using Snapshots to protect Exchange VM.
Now, although we can perform VM level backup at the host level without an agent installed on the ESXi or the VM by connecting vCenter directly, this backup method doesn’t support file level recovery for applications or GRT (you can perform regular file restore but not mailbox or database restore for SQL for example), so you will need to install Symantec NetBackup client on the Exchange or SQL VM in order to perform application aware backup.
Note: up to the date of publishing this article 13/4/2015, Symantec doesn’t support GRT for Exchange 2013, but GRT is supported for earlier versions either using VM policies or Exchange policies.
A word about SAN transport:
One element is to be aware of is the SAN transport option, traditionally if you backup a VM using the backup agent, you will transport the data over the IP network, but what if you have large data set…very large ones.
Then you can use the FC or SAN transport, where you can back up the data directly to the SAN over the SAN network (either to SAN storage or Tape Library).
In VMware, you can perform VM agentless or agent assisted backups and transport the data over FC which can give you increased speed up to 4 times, all what you need is to present the LUNs to the VMware backup host as offline LUNs and configure the policy to use SAN transport, nice haaa
- Install the NetBackup Agent inside the VM
- Install Symantec VSS provider
- Install and configure NFS to browse backup images for GRT (for Exchange 2007/2010).
You can Refer to the documentation on how to perform the above steps.
Assuming that you have everything configured including installing the Netbackup agent on the Exchange VM, you can start connecting to the vCenter:
Enter the FQDN of the vCenter server
Add the vCenter information and account with credentials to connect, and specify the backup host, in my case it is the master server:
one note: make sure to add the account using domain\username, because the GUI doesn’t accept [email protected]
Now you can proceed with configuring a policy, so you can launch the policy configuration wizard:
Specify a policy name
In the Policy Storage select your storage destination, unless you have many of them and you want to load balance the backup jobs:
In the virtual machine options, make sure to specify the VMware backup host, and enable the Exchange recovery.
Note: in the primary VM identifier, you can select the VM host name, this requires the VM tools to be installed and DNS lookups (forward and reverse) are working, for the simplicity I like to choose VM Display name.
In order to select a VM for application protection you must use query based to select the VM or you will get the error “Application Protection options for VMware policies are only valid when using the query option for virtual machine selection in the clients tab”, so you need to create a query in the VM selection to include the required VM
In the backup selection, you must select full backups, you have to note that you can’t perform application level backups using incremental backups, backups of applications at the VM level must utilize full backups.
Then specify the desired internal and retention and schedule.
If everything is configured correctly, you should start seeing the policy kicking in and snapshot is being taken and backups are being performed
Note regarding policy schedule:
if you right click on the policy and chose to run manual backup, the policy will kick in but the backup job will be equivalent to copy backups, meaning that no Exchange logs will be flushed, in order to perform application level backup, you will have to wait for the policy to kick in.
Policy Schedule and Policy Window
Another point that many NBU admins struggle with is the policy frequency, Window and retention, so let me elaborate on this:
Policy Frequency: is how often the policy will kick in, so in the above screenshot, the policy will start every week and this is equivalent to weekly backups.
Policy Window: is the window allowed for the policy to start, so depending on the configured policies, running policies and queued policies, a policy will start when the window comes, or wait until additional resources are freed if all the resources are not available (like a free tape for example).
If the window ended without available resources, the policy will not start and you will miss the backup window, once the policy start, it can exceed the policy window safely, policy window affects the policy start and will not end the policy.
In part 2 of this series we will see how we can perform a restore from the taken backup.