Disaster recovery: Network sandbox based on vSphere and Hyper-V in Veeam Backup & Replication v7
In the process of ensuring data protection from failures, it is important to regularly monitor backups for the possibility of a full system recovery from them. It is not enough just to check the backup checksum (since, for example, a correct checksum does not guarantee the availability of all the data logically necessary for the applications to work) - a full-scale test recovery is necessary (sometimes with dependent computers, for example, domain controller + Exchange server) to make sure that the system is really recovering completely correctly.
At the same time, companies need to restore the machines to the network thoughtfully and carefully - most likely there will be conflicts between the original and the restored (test) machines if they operate within the same network space (there may be conflicts at the IP, DNS, domain and application levels).
What technologies can help the administrator in this matter in relation to backup and recovery of virtual machines?
')
Is it possible to start a virtual machine from a backup so that it is isolated from the productive network (in order to avoid possible network interaction errors)? Yes you can! The Virtual Lab technology, which I want to talk about, using a specialized proxy server creates an isolated network environment (sandbox), in which it allows you to run temporary virtual machines from the backup repository, while maintaining the ability to access them through the management console . See the picture (the proxy server in the picture is depicted with the “lock” icon):
The Virtual Lab allows the virtual infrastructure administrator to perform three important tasks: regular automated testing of recovery from backups, universal restoration of applications through running their historical images from backups in the sandbox, and the ability to test patches or new versions of applications in the sandbox in front of deploying them to a productive network.
In the sandbox, you can run any number of virtual machines (of course, within the capabilities of the hardware resources). A classic example is the recovery of an Exchange server that needs a working domain controller to work. In this case, the administrator can consistently restore the domain controller in an isolated environment, and then the Exchange server. More on this in this post: Granular restoration of objects of virtualized applications . After “virtual machines from the past” are running in the sandbox, you need to check that the applications installed on them are functioning correctly. For this, you can use both ready-made test utilities and your own scripts (for example, on PowerShell).
With the help of the “Virtual Lab”, the administrator can restore objects of virtually any application through restoring the state of the “virtual machine” to a certain point in the past, when the restored object has not yet been deleted. Moreover, for example, for the case of Active Directory, you can not only restore a single object, but also verify that such a restoration does not conflict with changes in attributes that have occurred in Active Directory since the backup object was restored. In the event of such a conflict, the administrator will be notified of the need to resolve it.
Programmers can use an “isolated environment on demand” for testing purposes: for unit testing, integration testing, testing for user scenarios, for verifying work in a productive network environment. The sandbox can also be used for trainings. In this case, you can make a backup of the study environment and restore it in the sandbox for each study group, or even give this study environment to students “at home” to complete the training tasks.
In conclusion, I would like to add that the functioning of the “Virtual Lab” does not require any software agents that are installed inside the virtual machines. This means that the administrator does not need to engage in the maintenance and management of their life cycle (installation, diagnostics of operational errors, uninstallation). “Virtual Lab” is now available for the VMware environment (in Veeam Backup & Replication 6.5) and in the third quarter of 2013 it will be available for Hyper-V (in version 7).
At the same time, companies need to restore the machines to the network thoughtfully and carefully - most likely there will be conflicts between the original and the restored (test) machines if they operate within the same network space (there may be conflicts at the IP, DNS, domain and application levels).
What technologies can help the administrator in this matter in relation to backup and recovery of virtual machines?
')
Virtual Lab
Is it possible to start a virtual machine from a backup so that it is isolated from the productive network (in order to avoid possible network interaction errors)? Yes you can! The Virtual Lab technology, which I want to talk about, using a specialized proxy server creates an isolated network environment (sandbox), in which it allows you to run temporary virtual machines from the backup repository, while maintaining the ability to access them through the management console . See the picture (the proxy server in the picture is depicted with the “lock” icon):
The Virtual Lab allows the virtual infrastructure administrator to perform three important tasks: regular automated testing of recovery from backups, universal restoration of applications through running their historical images from backups in the sandbox, and the ability to test patches or new versions of applications in the sandbox in front of deploying them to a productive network.
In the sandbox, you can run any number of virtual machines (of course, within the capabilities of the hardware resources). A classic example is the recovery of an Exchange server that needs a working domain controller to work. In this case, the administrator can consistently restore the domain controller in an isolated environment, and then the Exchange server. More on this in this post: Granular restoration of objects of virtualized applications . After “virtual machines from the past” are running in the sandbox, you need to check that the applications installed on them are functioning correctly. For this, you can use both ready-made test utilities and your own scripts (for example, on PowerShell).
With the help of the “Virtual Lab”, the administrator can restore objects of virtually any application through restoring the state of the “virtual machine” to a certain point in the past, when the restored object has not yet been deleted. Moreover, for example, for the case of Active Directory, you can not only restore a single object, but also verify that such a restoration does not conflict with changes in attributes that have occurred in Active Directory since the backup object was restored. In the event of such a conflict, the administrator will be notified of the need to resolve it.
Programmers can use an “isolated environment on demand” for testing purposes: for unit testing, integration testing, testing for user scenarios, for verifying work in a productive network environment. The sandbox can also be used for trainings. In this case, you can make a backup of the study environment and restore it in the sandbox for each study group, or even give this study environment to students “at home” to complete the training tasks.
In conclusion, I would like to add that the functioning of the “Virtual Lab” does not require any software agents that are installed inside the virtual machines. This means that the administrator does not need to engage in the maintenance and management of their life cycle (installation, diagnostics of operational errors, uninstallation). “Virtual Lab” is now available for the VMware environment (in Veeam Backup & Replication 6.5) and in the third quarter of 2013 it will be available for Hyper-V (in version 7).
Additional materials
- Restoration of the Zarafa application (e-mail software) that runs on a Linux virtual machine and uses the MySQL database: webinar recording
- Presentation of the Virtual Laboratory (English): here
- 1:30 short video about the Virtual Laboratory (English): here
- Veeam help center articles with network isolation details ( here ): here
- Article about testing backup recovery: SureBackup - automatically checks the possibility of restoring data from a backup .
Source: https://habr.com/ru/post/182144/
All Articles