Blogs and podcasts
Bring your knowledge and expertise while creating blogs and podcasts
- 642 Topics
- 5,014 Comments
Veeam Backup & Replication Database backup
Hello There, I just wanted to share an issue I had on one of my customer to avoid others the problem:We setup a standard Veeam Backup & replication Server on a W2019 VM and a Std SQL 2019 on another one to host the DBs from VBR and Enterprise Manager.The DBA from the customer insisted to setup an alias for the DB server when pointing Veeam to its Database server as it’s their best practice to facilitate migration (He was obviously not aware how easy it is to move Veeam Database). So he setup a CNAME that pointed to the real SQL server.The setup went well using the CNAME. We created a “management job” to save Veeam by itself, VBR+SQL servers. The job detected the roles and proceeded as normal but failed on SQL VSS processing. We spent a lot of time to validate that permissions were right (the DBA didn't gave us the sysadmin rights on the backup service account, wise guy) and that the service account on the SQL had the proper permissions too for the VSS writers. Long Story short: I f
Achieving 3-2-1-1-0 Protection for Cloud Native Workloads
Today’s topic will be regarding Cloud Native workloads within Azure & AWS and how best to adhere to Veeam’s 3-2-1-1-0 best practices and how concepts can differ from traditional on-premises data protection. Remember the 3-2-1-1-0 best practice is a minimum desired standard and going above and beyond these minimums will help your data availability and recoverability objectives.The public cloud has provided a huge transformation opportunity for organisations, the pay as you go model enables organisations to deploy quickly and without the overheads of infrastructure management. But these platforms are still part of a shared-responsibility model, with a key risk that you retain being, the protection of your data.3 - Copies of Your DataLets start with the easiest one. Three copies of your data, including your production data. Public cloud services such as Azure will inform you that they retain three synchronous copies of your data as a minimum via their “Locally Redundant Storage” offer
[Quicktip] Rest root password in VMware vCenter VCSA - since 6.7 U1(!)
It is not uncommon to reset root password in VMware VCSA (vCenter Service Appliance). This can be necessary when account is locked or password is expired. Normally, you have to shut it down, enter GRUB and edit start parameter to boot into bash. There you can reset root password. Afterwards you boot VM again. Here is the link to this procedere: https://kb.vmware.com/s/article/2147144With vCenter 6.7 U1 it us much easier! Since then it is possible to use a Single-Sign On (SSO) administrator account (for example: email@example.com) to login to Appliance Interface (Port 5480) and shell. And exactly this can be used to reset the root password. In short it goes like this: Take a snapshot/backup of VCSA - it is always a good idea to start with a backup Login as a SSO-administrator using a SSH client or console. Enable and start shell: shell.set --enable true shell Change root password sudo passwd root DoneHere is the link to the more detailed VMware KB-article: https:/
[Guide] Veeam Enterprise Manager (SAML 2.0) & Azure Active Directory Configuration Guidance
This document provides step by step instructions to configure Azure Active Directory for SAML authentication in Veeam Enterprise Manager. There are four editions of Azure AD (AAD): Free, Office 365 (which comes together with O365), and two Premium editions P1 and P2. Comparison for all of them can be found at https://azure.microsoft.com/en-us/pricing/details/active-directory/Below you can find steps to setup Veeam Enterprise Manager and Azure AD integration based on AAD from Office 365.Let’s start with the Azure side. Go to Azure portal then go to Azure Active Directory. Go to Enterprise applications → New application → → “Create your own application” → then provide a name for our application i.e. Veeam EM, and select “Integrate any other application you don’t find in the gallery” → Create Within a few moments’ applications will be created and visible under Enterprise Application view. Open it. Now let’s add some users (Step 1). In this version of AAD, only users can be added. In Pre
Easily Recover 4 Different Ways with Veeam Disaster Recovery Orchestrator 4
If you haven’t heard, Veeam Disaster Recovery Orchestrator v4 (formerly known as Veeam Availability Orchestrator) is now available, and better than ever.Now VDRO can orchestrate recovery for 4 types of your protected data:Veeam CDP Replicas - NEW in v4 Veeam Replicas Veeam Backups Replicated Storage Snapshots (NetApp ONTAP and Lenovo ThinkSystem DM)This means you have the ultimate in flexibility and choice when it comes to protecting all of the data in your environment. From mission critical apps, to those dev environments that would be nice to recover easily but are usually ignored for DR planning purposes, you can do it all with the same tool, the same way.It couldn’t be simpler to create a DR plan in Orchestrator. Check out this video where I create a CDP Replica orchestration plan, run a readiness check, and launch a failover in less than 10 minutes.There are some subtle differences between plan types, but yes, Orchestrator is really that easy to use. You can even get granular an
1 or more VMs per Job?
So, today I’m gonna show you a simple comparison with 1 VM per job versus 2 or more VM per jobs. On my scenario I have 2 VM for my Active Directory environment with 40GB size each.----------------------------------------------------------------------------------------------------------------------------So, in first example I create 1 job per VM: In this shape it consume exactly 40GB on my repository: ----------------------------------------------------------------------------------------------------------------------------In the second example a create a unique job for the same 2 VM’s: And in this shape it consume 37GB on my repository:---------------------------------------------------------------------------------------------------------------------------- How can we see deduplication of Veeam B&R gives a good space on our backups.In this environment was only 2 small VMs, but now you can imagine how this impact an entire datacenter.
How SQL Instant Recovery in v11 behaves
This is the second part of my SQL Instant Recovery posts. First part:I would like to list some of the software’s behaviors here.Veeam Explorer for Microsoft SQL Server is closed. One could gain the impression from the documentation Veeam Explorer does the whole work. This is not the case, if Explorer gets closed, just start it again. Mount Server, proxy or repository Server is offline. This is a problem, because these components are necessary for keeping your Instant Recovery database alive. Fortunately Veeam took this into account. So the system checks periodically (every 5 minutes) if needed components are online again and re-establish all connections. If you fixed the problem before next scheduled retry, you can trigger the retry manually by pressing the Retry button.Restoring to original locating with original database still in place. The Explorer wants to have your decision confirmed. Veeam VBR Server uses older SQL Server version than source Server. This is generally not a proble
How SQL Instant Recovery in v11 works
See here how it works in a step by step guide.To start in Instant SQL Recovery wizard, select your server and choose Restore application items.Here you choose if you want to restore to the latest available restore point, or select a listed one. At the end of wizard press Browse. Veeam Explorer for Microsoft SQL Server starts.Choose the database you want instantly recovered and select to do so. You have these options to choose from: Latest restore point. Point-in-time state. Recover to another server. This you can used to recover DB using a different name while original DB is still in place. In this demo, I selected point-in-time state to show additional options.Select point-in-time state you want recover to.Notice:First option recovers to date and time, recovery point was created. Second option lets you choose the exact date and time to restore to. As noted, transaction log backup is required here. Checking option to restore to a specific transaction, lets you choose a marked tran
Kasten introduces KUBESTR, your best friend when it comes to Kubernetes Persistent storage.
One of the challenges that I have faced learning Kubernetes is persistent storage. It is a steep learning curve but one of the most essential areas elements necessary to make containers become a real force in the world of computing. There are many flavors of Kubernetes persistent storage and making the right choice for your workload and application s is no trivial matter.Would it not be nice if there was some helpful utility to test and validate my persistent storage setup?Well now there is thanks to Veeam Kasten’s Kubestr!As stated on its web page “Kubestr is a collection of tools to discover, validate and evaluate your kubernetes storage options.”Lets take a look at what this thing can do:You can download Kubestr here: https://github.com/kastenhq/kubestr/releases/tag/v0.4.13 I chose the Linux binary and downloaded to my control node.Untar the the tarball and you are ready to go. In linux make the file kubestr executable by typing in sudo chmod +x kubestr Then run .kubestr and it will
Backup of Windows 10 PC with server-managed Agent
Hello community,I don’t know if this is common knowledge (I guess all the hardcore Windows Admins hanging around here know this), but I think I share this, nevertheless.I have tried to back up a Windows 10 PC with a server managed VEEAM agent for the first time today (up to now there were Windows Server only). In this environment is no Windows Domain present, local users on all systems only.When I tried to connect to the Windows 10 PC from my VEEAM Server to create a managed server the connection was refused. No specific error message, it just failed… OK, I tried to ping the PC and to connect to it, all ok. Then I tried an administrative share and it failed, too. So, it seems not to be a VEEAM Problem, but a Windows problem…I did some internet research and found that the Windows administrative shares are not accessible by local accounts over the network since Windows Vista. OK, this is some time, but… when do you do such a thing?After some more reading I finally found the solution. You
VMware vSphere 6.5 End of General Support Changes
Hey everyone!VMware released some unexpected news yesterday regarding the end of support for vSphere & vCenter 6.5 and vSAN 6.5 & 6.6. These were both originally intended to reach End of General Support (EoGS) this year, on the 15th November 2021. VMware are now extending this general support window to the 15th October 2022, no changes to the end of technical guidance have been announced.This date might seem familiar, vSphere 6.7 reaches EoGS on the 15th October 2022, meaning unless you have an extended support contract with VMware, this is the date you will need to migrate away from the vSphere 6.x platform by!VMware have kept things simple by extending the EoGS for vSAN 6.5 and 6.6 to this same date which also coincides with vSAN 6.7 EoGS.In summary, things are a lot more simple, on a vSphere/vCenter/vSAN 6.x release that isn’t already EOL? It will reach EoGS on the 15th October 2022 now.However, like so many freebies, there can be strings attached, such is the case here. So,
How to temporarily turn off MS O365 throttling
When you will download data from Exchange Online – Microsoft will throttle your traffic. In previous years to change it, you should open a support ticket to MS. Now you can temporarily change this directly on Microsoft 365 admin center. This can be especially useful for initial full backup for multiple mailboxes. How to setup this? Go to the Microsoft 365 admin center and in the top right corner open help and just type “ews”. Then you have to run tests as a results you will have option to select duration 30, 60 or 90 days with higher throughput speed.select one of available value and update settings.
[Quicktip] Overwrite Guest processing when VMs selected by vSphere Tags
Probably the following is widely known. But I did not know up to now and found out today. Maybe it is new for others too.After the Upgrade to v10, suddenly Linux VMs are not getting backed up any more, because defined guest interaction user was domain-based and could therefore not login into Linux VM. So solution would simply be to disable guest processing for this VM. Problem was, VMs were selected by vSphere Tags for this job. Fortunately solution is quite simple:Edit the job and got to Guest Processing and click Application Here you can see the selected vSphere Tag. When you edit this line, options are set for all VMs this Tag was assigned to. Press Add → VMs and Tags → expand Tag of choice → select exception VM Select new line and press Edit Set option as desired for this/these VM(s) That's it! This also works for custom Guest OS Credentials: BTW: If you suffer from the same behavior after upgrading to v10 (and probably to v11 as well): Curiously this is not a bug, it is a bu
Kasten on your Minikube
Not long ago we setup a single node test Kubernetes cluster on our laptop using Minikube.Now let’s install the next generation of backup technology! Kasten.Kasten means box or container in German just in case you were wondering about the funny name :)We have already installed Chocolatey on our Windows laptop so we can go ahead and use it to install Helm. Helm is like a Linux software package manager but for Kubernetes: choco install Kubernetes-helm We will now use Helm to install the Kasten Helm Chart. You can find out more about Helm here: https://helm.sh/First, we must create a kasten-io namespace:kubectl create ns kasten-ioA namespace is a segregated area where only the pods for this setup will run. Next we need to add the Kasten repository to Helm so that it knows where to get our Kasten images: helm repo add kasten https://charts.kasten.io/ We are all set and ready to go.The install command is pretty straight forward but if you will remember we setup local storage in Minikube usin
VBR v11 🔥 Requirements and Limitations Veeam CDP
Requirements and Limitations CDP has a set of requirements and limitations. RequirementsThe following requirements apply to CDP:CDP is included in the Veeam Universal License. When using a legacy socket-based license, the Enterprise Plus edition is required.For supported platforms, see Platform Support. For supported source and target datastores, see Veeam CDP Source and Target. All hosts in a cluster must be of the same major version: 7.x or 6.x (6.5, or 6.7, or a combination of 6.5 and 6.7 is supported). In turn, all clusters managed by the same vCenter Server must also be of the same major version. VMs on the same cluster must be protected with CDP only by one backup server. The machine where the backup server resides must have at least 16 GB RAM. VMs that you plan to protect must not have snapshots at the moment when the CDP policy starts for the first time. Network between infrastructure components required for CDP must be 1 Gbps or faster. For high loaded systems, 10 Gbps and MTU
Designing Meaningful Recovery Point Objective & Recovery Time Objective Policies
Today, I’d like to talk about creating and scoping realistic and enforceable RPOs and RTOs for your Business Continuity (BC) and Disaster Recovery (DR) policies and Service Level Agreements (SLAs) within your organization. As every organization will have different requirements the focus of this blog post is on general considerations for shaping your policy.Additionally this blog post is focused around policy design as opposed to backup technologies and should be vendor agnostic for the most part, though where I am aware of features from my backup solution of choice (Veeam of course!!!) I have referenced improvements that solutions such as Veeam can bring to the process.The assumption is made that you’re already aware of the applications, operating systems and data within the organisation/environment you’re designing these policies for. Step One: Define Recovery Priority Before we start to consider recovery point objectives, we should consider the recovery time objectives of our workloa
Veeam Service Provider Console V5
This video is two-fold. For experienced VSPC users, we cover the new features in V5 and for new users, we will go through deployment, setup and a basic 101 walkthrough of the console! Keep in mind, end users who qualify, can use their own Cloud Connect Enterprise and the VSPC for their own internal environments for free!
Live hacking in Office 365 (Video) ! Dont get hooked !
Hi Team! For all of you have the same discussions with customers about security in Microsoft Office 365 i created a video to proof how easy it is to attack your Office 365 credentials and how to get access to your Data: Whenever im in discussions with customers about security of Microsoft Office 365 and why they should backup cloud-data, one of their “argument” is that Microsoft Office 365 is super secure. And to keep it short – yes thats true!But today i will not cover a backup focused topic! Lets concentrate on the customers argument.Have you ever asked yourself : What if someone got your login credentials (also with MFA!) and can access all of your Office 365 data?To be honest, my first mind was sure almost the same you are just thinking about : CMOOOOON thats a miracle ! That kind of hackers only exist in movies!What is better than tell customers how easy it is to hack their environment? Correct ! Show them how easy it is !So i started with the research how i can built my own Offic
Backup-Relevant improvements in core storage in vSphere 7.0 U2
As you probably have already noticed:VMware released vSphere 7.0 U2 recently This is currently not supported by Veeam. I want to share some important news for this new version that is relevant to backup. See this link for the complete list of core storage improvements:https://blogs.vmware.com/virtualblocks/2021/03/09/vsphere-7-u2-core-storage VMFS SESparse Snapshot Improvements Read performance will be improved by redirecting reads to where data is located (chain or base-disk). Up to now, reads go through the whole snapshot chain and the base-disk. So when you read not-changed data, systems reads from base-disk directly, instead of checking snapshot chain as well. Performance Improvements on VMFSImproved write performance on thin provisioned disks. This is about first writes. It should reduce the potential effects of first writes when using thin-provisioned disks. NFS Improvements I am not very experienced with NFS in vSphere, so this is the improvement:With the release of vSphere 7.0
Borg and its offspring Kubernetes.. So what exactly is this?
Borg and Kubernetes Since the CKA Kubernetes certification is a practical exam with no multiple-choice questions you must wait a day or two until you find out your result. I was on sitting on my back porch when I checked my email and saw the ‘Congratulations” in the title and I literally shouted, “I have Kubernetes!!”. My neighbor who is not IT savvy and witnessed my strange behavior immediately thereafter began doubling his social distancing measures with me. This was the “Covid19 summer” of 2020, and I realized that many people had no idea of what Kubernetes was and to be fair it does sound like something that you can catch.So, what is Kubernetes and why is it being talked about so much?To try and explain why this has become such a hot topic I like to think back to the virtualization revolution. It used to be that when a company wanted to add a new application server the process was a very long and labor intensive one. You had to order the physical server, then you had to rack it, ca
v11: NBD multi-threading for VMware backup
Reading through the What’s new document, I discovered an new feature/option which hasn’t been mentioned here before: “NBD multi-threading”As the performance of NBD (network) in VMware backups is often not as good as virtual appliance or direct storage access storage mode, it sounded quite interesting to try. Perhaps this way we can get over some limitations of NBD mode and better utilize the network capacity of our proxies.NBD multi-threading — The backup engine is now capable of establishing multiple NBD connections per VMDK for better performance of network transport mode. At the same time, due to the low limit of max NBD connections per ESXi host, there are reliability concerns associated with increasing the number of such connections. While our resource scheduler tracks NBD tasks per host to ensure they remain within the limit, we decided that a marginal performance benefit is not worth the risk of enabling this new behavior for our entire customer base right away, as there might b
VBR Console users and roles and job notifications
At the last days I had an issue with job notifications not sent from the VBR Console after modifying the users and roles within the console.One of my clients demanded that the access to the VBR console has to be restricted to some explicitly defined backup Admins and no one else.So, I removed the local Administrators group from the list in the users and roles and added the personalized accounts of the backup admins.Fine, the backup admins can start the console and work with it, and all other accounts have no access…The next morning the admins told me that no job notifications were sent in the night. My first thought was that the colleagues responsible for the mail server and/or the firewalls had done some changes and now the backup server cannot reach the mail server. But after checking with them no changes were done and there were no dropped mails at the mail server. So, it seems that the VEEAM server did not send anything at all…I saw then that some mail from PowerShell scripts were
[Blog Post] Step by step of Veeam Agent for Mac 1.0 @ Part 2 (Restore from VBR v11)
From Veeam Backup & Replication restore Mac OS FileOpen Veeam Backup & Replication console and click Backups, Disk. You will see the Mac Agent Backup. Right-click “Your Mac Device Name”, Restore guest Files, Linux, and other…Select the available restore point.A new feature of v11 is the ability to leverage an existing managed Linux server to act as the file-level recovery appliance, you can choose a Linux host that I have in my environment.v11 will open the Veeam Backup Browser, which enables the ability to see the structure and the ability to recover your files and folders.You can restore folder or file to the v11 Desktop only, If you need direct restore the Mac device, please continue to see “Step by step of Veeam Agent for Mac 1.0 @ Part 3 (Restore from MacOS)” Coming Soon…Reference Link: https://vexperthk.com/2021/03/09/step-by-step-of-veeam-agent-for-mac-1-0-part-2-restore-from-vbr-v11/
[Quicktip] SAN mode restore performance
As we discussed here earlier, there are 3 transport modes to get data from vSphere for backup.These modes are also available for restore. By default, first mode (order: SAN, Hotadd, NBD) that meet requirements, is selected for restore. For SAN direct mode, a requirement is thick provisioned disk type. You can select each available type (thin, thick eager and lazy zeroed) in restore wizard.My recommendation: If you want to leverage SAN direct mode, choose Thick eager zeroed! This option is much faster than lazy zeroed!I tested these settings in different environments. For example, I saw differences of67 % (150MB/sec for eager vs. 100MB/sec for lazy), 93 % (226MB/sec for eager vs. 16MB/sec for lazy). See here different wizardsVM restore VM Disk restore Interesting LinksIn documentation of version 9.0, you see a hint, for lazy zeroed, vCenter is needed for zeroing.https://helpcenter.veeam.com/backup/vsphere/direct_san_access_writing.html Since v9.5 no difference is made anymore bet
Already have an account? Login
Login to the community
Log in with your Veeam account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.