Blogs and podcasts
Bring your knowledge and expertise while creating blogs and podcasts
- 643 Topics
- 5,027 Comments
Achieving 3-2-1-1-0 Protection for Cloud Native Workloads
Today’s topic will be regarding Cloud Native workloads within Azure & AWS and how best to adhere to Veeam’s 3-2-1-1-0 best practices and how concepts can differ from traditional on-premises data protection. Remember the 3-2-1-1-0 best practice is a minimum desired standard and going above and beyond these minimums will help your data availability and recoverability objectives.The public cloud has provided a huge transformation opportunity for organisations, the pay as you go model enables organisations to deploy quickly and without the overheads of infrastructure management. But these platforms are still part of a shared-responsibility model, with a key risk that you retain being, the protection of your data.3 - Copies of Your DataLets start with the easiest one. Three copies of your data, including your production data. Public cloud services such as Azure will inform you that they retain three synchronous copies of your data as a minimum via their “Locally Redundant Storage” offer
1 or more VMs per Job?
So, today I’m gonna show you a simple comparison with 1 VM per job versus 2 or more VM per jobs. On my scenario I have 2 VM for my Active Directory environment with 40GB size each.----------------------------------------------------------------------------------------------------------------------------So, in first example I create 1 job per VM: In this shape it consume exactly 40GB on my repository: ----------------------------------------------------------------------------------------------------------------------------In the second example a create a unique job for the same 2 VM’s: And in this shape it consume 37GB on my repository:---------------------------------------------------------------------------------------------------------------------------- How can we see deduplication of Veeam B&R gives a good space on our backups.In this environment was only 2 small VMs, but now you can imagine how this impact an entire datacenter.
[Quicktip] Overwrite Guest processing when VMs selected by vSphere Tags
Probably the following is widely known. But I did not know up to now and found out today. Maybe it is new for others too.After the Upgrade to v10, suddenly Linux VMs are not getting backed up any more, because defined guest interaction user was domain-based and could therefore not login into Linux VM. So solution would simply be to disable guest processing for this VM. Problem was, VMs were selected by vSphere Tags for this job. Fortunately solution is quite simple:Edit the job and got to Guest Processing and click Application Here you can see the selected vSphere Tag. When you edit this line, options are set for all VMs this Tag was assigned to. Press Add → VMs and Tags → expand Tag of choice → select exception VM Select new line and press Edit Set option as desired for this/these VM(s) That's it! This also works for custom Guest OS Credentials: BTW: If you suffer from the same behavior after upgrading to v10 (and probably to v11 as well): Curiously this is not a bug, it is a bu
[Guide] Veeam Enterprise Manager (SAML 2.0) & Azure Active Directory Configuration Guidance
This document provides step by step instructions to configure Azure Active Directory for SAML authentication in Veeam Enterprise Manager. There are four editions of Azure AD (AAD): Free, Office 365 (which comes together with O365), and two Premium editions P1 and P2. Comparison for all of them can be found at https://azure.microsoft.com/en-us/pricing/details/active-directory/Below you can find steps to setup Veeam Enterprise Manager and Azure AD integration based on AAD from Office 365.Let’s start with the Azure side. Go to Azure portal then go to Azure Active Directory. Go to Enterprise applications → New application → → “Create your own application” → then provide a name for our application i.e. Veeam EM, and select “Integrate any other application you don’t find in the gallery” → Create Within a few moments’ applications will be created and visible under Enterprise Application view. Open it. Now let’s add some users (Step 1). In this version of AAD, only users can be added. In Pre
Easily Recover 4 Different Ways with Veeam Disaster Recovery Orchestrator 4
If you haven’t heard, Veeam Disaster Recovery Orchestrator v4 (formerly known as Veeam Availability Orchestrator) is now available, and better than ever.Now VDRO can orchestrate recovery for 4 types of your protected data:Veeam CDP Replicas - NEW in v4 Veeam Replicas Veeam Backups Replicated Storage Snapshots (NetApp ONTAP and Lenovo ThinkSystem DM)This means you have the ultimate in flexibility and choice when it comes to protecting all of the data in your environment. From mission critical apps, to those dev environments that would be nice to recover easily but are usually ignored for DR planning purposes, you can do it all with the same tool, the same way.It couldn’t be simpler to create a DR plan in Orchestrator. Check out this video where I create a CDP Replica orchestration plan, run a readiness check, and launch a failover in less than 10 minutes.There are some subtle differences between plan types, but yes, Orchestrator is really that easy to use. You can even get granular an
Analyse ReFS space savings with Block cloning
ReFS (Resilient File System) is a file system by Microsoft that provides - since Windows Server 2016 - a feature named Block cloning. Basically it uses pointers to already existing blocks instead of copying or re-creating them. This saves time and disk space. Veeam uses this feature for synthetic operations like merging incremental backups with full or synthetic full.In my opinion Microsoft does not offer a proper utility to analyse ReFS space savings with Block cloning. I think there are at least three ways to show the space benefit of Block cloning:Windows explorer Application that makes use of Block cloning Timothy Dewin's blockstat.exeWindows explorerThe native way to calculate saved space is to simply compare the sum of all files in a partition to the used space of the same partition. Because the partition view includes the space savings and file view does not, the difference shows saved space.As you can see, there are about 44,4 GB space savings. Keep in mind, the properties of t
VMware vSphere 6.5 End of General Support Changes
Hey everyone!VMware released some unexpected news yesterday regarding the end of support for vSphere & vCenter 6.5 and vSAN 6.5 & 6.6. These were both originally intended to reach End of General Support (EoGS) this year, on the 15th November 2021. VMware are now extending this general support window to the 15th October 2022, no changes to the end of technical guidance have been announced.This date might seem familiar, vSphere 6.7 reaches EoGS on the 15th October 2022, meaning unless you have an extended support contract with VMware, this is the date you will need to migrate away from the vSphere 6.x platform by!VMware have kept things simple by extending the EoGS for vSAN 6.5 and 6.6 to this same date which also coincides with vSAN 6.7 EoGS.In summary, things are a lot more simple, on a vSphere/vCenter/vSAN 6.x release that isn’t already EOL? It will reach EoGS on the 15th October 2022 now.However, like so many freebies, there can be strings attached, such is the case here. So,
How SQL Instant Recovery in v11 behaves
This is the second part of my SQL Instant Recovery posts. First part:I would like to list some of the software’s behaviors here.Veeam Explorer for Microsoft SQL Server is closed. One could gain the impression from the documentation Veeam Explorer does the whole work. This is not the case, if Explorer gets closed, just start it again. Mount Server, proxy or repository Server is offline. This is a problem, because these components are necessary for keeping your Instant Recovery database alive. Fortunately Veeam took this into account. So the system checks periodically (every 5 minutes) if needed components are online again and re-establish all connections. If you fixed the problem before next scheduled retry, you can trigger the retry manually by pressing the Retry button.Restoring to original locating with original database still in place. The Explorer wants to have your decision confirmed. Veeam VBR Server uses older SQL Server version than source Server. This is generally not a proble
Kasten introduces KUBESTR, your best friend when it comes to Kubernetes Persistent storage.
One of the challenges that I have faced learning Kubernetes is persistent storage. It is a steep learning curve but one of the most essential areas elements necessary to make containers become a real force in the world of computing. There are many flavors of Kubernetes persistent storage and making the right choice for your workload and application s is no trivial matter.Would it not be nice if there was some helpful utility to test and validate my persistent storage setup?Well now there is thanks to Veeam Kasten’s Kubestr!As stated on its web page “Kubestr is a collection of tools to discover, validate and evaluate your kubernetes storage options.”Lets take a look at what this thing can do:You can download Kubestr here: https://github.com/kastenhq/kubestr/releases/tag/v0.4.13 I chose the Linux binary and downloaded to my control node.Untar the the tarball and you are ready to go. In linux make the file kubestr executable by typing in sudo chmod +x kubestr Then run .kubestr and it will
Backup of Windows 10 PC with server-managed Agent
Hello community,I don’t know if this is common knowledge (I guess all the hardcore Windows Admins hanging around here know this), but I think I share this, nevertheless.I have tried to back up a Windows 10 PC with a server managed VEEAM agent for the first time today (up to now there were Windows Server only). In this environment is no Windows Domain present, local users on all systems only.When I tried to connect to the Windows 10 PC from my VEEAM Server to create a managed server the connection was refused. No specific error message, it just failed… OK, I tried to ping the PC and to connect to it, all ok. Then I tried an administrative share and it failed, too. So, it seems not to be a VEEAM Problem, but a Windows problem…I did some internet research and found that the Windows administrative shares are not accessible by local accounts over the network since Windows Vista. OK, this is some time, but… when do you do such a thing?After some more reading I finally found the solution. You
How to temporarily turn off MS O365 throttling
When you will download data from Exchange Online – Microsoft will throttle your traffic. In previous years to change it, you should open a support ticket to MS. Now you can temporarily change this directly on Microsoft 365 admin center. This can be especially useful for initial full backup for multiple mailboxes. How to setup this? Go to the Microsoft 365 admin center and in the top right corner open help and just type “ews”. Then you have to run tests as a results you will have option to select duration 30, 60 or 90 days with higher throughput speed.select one of available value and update settings.
Live hacking in Office 365 (Video) ! Dont get hooked !
Hi Team! For all of you have the same discussions with customers about security in Microsoft Office 365 i created a video to proof how easy it is to attack your Office 365 credentials and how to get access to your Data: Whenever im in discussions with customers about security of Microsoft Office 365 and why they should backup cloud-data, one of their “argument” is that Microsoft Office 365 is super secure. And to keep it short – yes thats true!But today i will not cover a backup focused topic! Lets concentrate on the customers argument.Have you ever asked yourself : What if someone got your login credentials (also with MFA!) and can access all of your Office 365 data?To be honest, my first mind was sure almost the same you are just thinking about : CMOOOOON thats a miracle ! That kind of hackers only exist in movies!What is better than tell customers how easy it is to hack their environment? Correct ! Show them how easy it is !So i started with the research how i can built my own Offic
Veeam Service Provider Console V5
This video is two-fold. For experienced VSPC users, we cover the new features in V5 and for new users, we will go through deployment, setup and a basic 101 walkthrough of the console! Keep in mind, end users who qualify, can use their own Cloud Connect Enterprise and the VSPC for their own internal environments for free!
v11: NBD multi-threading for VMware backup
Reading through the What’s new document, I discovered an new feature/option which hasn’t been mentioned here before: “NBD multi-threading”As the performance of NBD (network) in VMware backups is often not as good as virtual appliance or direct storage access storage mode, it sounded quite interesting to try. Perhaps this way we can get over some limitations of NBD mode and better utilize the network capacity of our proxies.NBD multi-threading — The backup engine is now capable of establishing multiple NBD connections per VMDK for better performance of network transport mode. At the same time, due to the low limit of max NBD connections per ESXi host, there are reliability concerns associated with increasing the number of such connections. While our resource scheduler tracks NBD tasks per host to ensure they remain within the limit, we decided that a marginal performance benefit is not worth the risk of enabling this new behavior for our entire customer base right away, as there might b
Backup-Relevant improvements in core storage in vSphere 7.0 U2
As you probably have already noticed:VMware released vSphere 7.0 U2 recently This is currently not supported by Veeam. I want to share some important news for this new version that is relevant to backup. See this link for the complete list of core storage improvements:https://blogs.vmware.com/virtualblocks/2021/03/09/vsphere-7-u2-core-storage VMFS SESparse Snapshot Improvements Read performance will be improved by redirecting reads to where data is located (chain or base-disk). Up to now, reads go through the whole snapshot chain and the base-disk. So when you read not-changed data, systems reads from base-disk directly, instead of checking snapshot chain as well. Performance Improvements on VMFSImproved write performance on thin provisioned disks. This is about first writes. It should reduce the potential effects of first writes when using thin-provisioned disks. NFS Improvements I am not very experienced with NFS in vSphere, so this is the improvement:With the release of vSphere 7.0
VBR Console users and roles and job notifications
At the last days I had an issue with job notifications not sent from the VBR Console after modifying the users and roles within the console.One of my clients demanded that the access to the VBR console has to be restricted to some explicitly defined backup Admins and no one else.So, I removed the local Administrators group from the list in the users and roles and added the personalized accounts of the backup admins.Fine, the backup admins can start the console and work with it, and all other accounts have no access…The next morning the admins told me that no job notifications were sent in the night. My first thought was that the colleagues responsible for the mail server and/or the firewalls had done some changes and now the backup server cannot reach the mail server. But after checking with them no changes were done and there were no dropped mails at the mail server. So, it seems that the VEEAM server did not send anything at all…I saw then that some mail from PowerShell scripts were
Borg and its offspring Kubernetes.. So what exactly is this?
Borg and Kubernetes Since the CKA Kubernetes certification is a practical exam with no multiple-choice questions you must wait a day or two until you find out your result. I was on sitting on my back porch when I checked my email and saw the ‘Congratulations” in the title and I literally shouted, “I have Kubernetes!!”. My neighbor who is not IT savvy and witnessed my strange behavior immediately thereafter began doubling his social distancing measures with me. This was the “Covid19 summer” of 2020, and I realized that many people had no idea of what Kubernetes was and to be fair it does sound like something that you can catch.So, what is Kubernetes and why is it being talked about so much?To try and explain why this has become such a hot topic I like to think back to the virtualization revolution. It used to be that when a company wanted to add a new application server the process was a very long and labor intensive one. You had to order the physical server, then you had to rack it, ca
[Quicktip] SAN mode restore performance
As we discussed here earlier, there are 3 transport modes to get data from vSphere for backup.These modes are also available for restore. By default, first mode (order: SAN, Hotadd, NBD) that meet requirements, is selected for restore. For SAN direct mode, a requirement is thick provisioned disk type. You can select each available type (thin, thick eager and lazy zeroed) in restore wizard.My recommendation: If you want to leverage SAN direct mode, choose Thick eager zeroed! This option is much faster than lazy zeroed!I tested these settings in different environments. For example, I saw differences of67 % (150MB/sec for eager vs. 100MB/sec for lazy), 93 % (226MB/sec for eager vs. 16MB/sec for lazy). See here different wizardsVM restore VM Disk restore Interesting LinksIn documentation of version 9.0, you see a hint, for lazy zeroed, vCenter is needed for zeroing.https://helpcenter.veeam.com/backup/vsphere/direct_san_access_writing.html Since v9.5 no difference is made anymore bet
A Short and Simple Description of Container Network Interface (CNI) in Kubernetes
Understanding Kubernetes Networking can be a challenge. A couple of years ago I was tasked to setup a distributed Minio instance running in containers for use with a Veeam SOBR S3 compatible capacity tier. At first, I thought about doing it on Kubernetes but very quickly realized that I was in over my head. I had no previous experience with Kubernetes and I could not just “wing it”. Among other things the networking piece I found especially hard to understand.In the end I created a Docker Swarm cluster which had a much easier almost “plug and play” overlay network and while that did the trick, I understood that simplicity also meant rigidity.Kubernetes follows the age old *nix (Unix, Linux BSDs and so on) philosophy of creating small separate entities that when brought together can scale into something very complex. Networking is no exception.While a Kubernetes cluster does come with some default networking called kubenet it is very limited and not meant for production environments fro
[What (else) is new in v11 - II] High priority Jobs
It is new in v11, but I do not have much detailed information about it.When you create or edit a backup job, you can enable High priority.The idea is to use this option to make clear this is an important job. So it can be started before less important jobs are started. It is not about job performance, it is about start time. Makes perfect sense to me! Under certain circumstances this feature will make job scheduling easier.At first this seems to be available for Backup and Replication jobs.
Kubernetes on your Laptop
Hi Folks,I have written up some quick instructions on setting up Minikube a single node Kubernetes cluster on your laptop. If I have missed something or if anything is unclear please reach out to me. The great thing about Kubernetes is that you can take it anywhere. If just want to familiarize yourself with Kubernetes and do some testing, then Minikube is an easy to install nonproduction single node Kubernetes cluster that you can install on your laptop. I am using my windows 10 Lenovo Thinkpad. First, we need to enable the Hyper-V role (or install Oracle VirtualBox if your laptop OS will not run Hyper-V) on your laptop. Mac users can use brew https://gist.github.com/kevin-smets/b91a34cea662d0c523968472a81788f7 To enable the Hyper-V role, follow these instructions:https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v INSTALL MINIKUBEMinikube is a single node Kubernetes cluster which allows you test Kubernetes.There are two ways to install Minik
Run a veeam lab in the cloud
I was thinking about building a lab at home to play, test and learn certain topics. But as my free time is very limited and I didn't want to ruin our power costs, I came to the idea to run a lab in the cloud.Advantages:low entry costs: you pay what you use/need flexible/scalable: resources are only a few clicks away ability to create different scenarios: offsite, DR, ... new technologies = more knowledgeDisadvantages:long term costs: as long as you're using/reserving resources you need to pay for themBeing a VMware guy I've looked for ways to deploy a vSphere environment or at least an ESXi host, but unfortunately the costs were much to high. Either I would have to go with VMware Cloud or rent a bare-metal machine to install ESXi myself; both are very costly.Hyper-V on the other side is easier to deploy in the cloud, without spending too much; as long as the base system support Nested Virtualization. So I've decided to give it a try and went with Microsoft Azure.Microsoft has published
VBR v11 🔥 How CDP Works with Retention Policies
CDP - Retention Policies A retention policy defines for how long Veeam Backup & Replication must store restore points for VM replicas. Veeam Backup & Replication offers two retention policy schemes:Long-term retention Short-term retentionLong-term RetentionVeeam Backup & Replication retains long-term restore points for the number of days specified in CDP policy settings. When the retention period is exceeded, Veeam Backup & Replication transforms the replication chain in the following way. The example shows how long-term retention works for a VM replica with one virtual disk.Veeam Backup & Replication checks whether the replication chain contains outdated long-term restore points. If an outdated restore point exists, Veeam Backup & Replication rebuilds the file that contains data for the base disk (<disk_name>-flat.vmdk) to include data of the file that contains data for the delta disk (<disk_name>-<index>.vmdk). To do that, Veeam Backup &
Already have an account? Login
Login to the community
Log in with your Veeam account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.