Backup as a Service (BaaS) for vCloud with Acronis
Today, many are talking about how cloud computing is changing our view of the world. Constantly there are new technologies that simplify our lives, increase work efficiency, reduce costs and eliminate headaches. In fact, there are already so many of them that it is becoming increasingly difficult to keep a finger on the pulse and choose the most useful ones for yourself. I will try to simplify this task a bit and discuss how to organize a backup service for the vCloud environment (whether it is public or private cloud) using Acronis Backup and Recovery (ABR) for vCloud.
Let me briefly talk about the advantages of this system.
Consider the VMware vCloud environment - it allows you to work on the IT-as-a-Service model with public cloud tenants or branches / departments of a large company, providing centralized control and management of infrastructure, and at the same time enables customers to independently manage their resource pools. Backing up is an essential part of the IT world, so why not use the same approach for it? Cloud owners could centrally manage the backup and storage infrastructure, while at the same time letting end users independently manage backup and recovery of their resources. This reduces the costs and time of cloud administrators to restore user resources on demand and develop various backup policies in accordance with the different needs of tenants.
ABR for vCloud allows cloud owners to deploy a backup solution in their datacenter, end users can use the web interface with their vCloud Director credentials, view a list of their vCloud resources (virtual machines and vApps) and set their own backup schedules and storage rules. The end user can also perform the recovery on their own, saving all vCloud settings, including network configuration and other metadata of virtual machines and vApps. The service provider can define storage quotas for organizations and set access rights, giving tenants full control over backup and recovery schedules, or limiting them only to predefined schedules. You can even limit the end user, allowing him to perform only recovery. And, of course, users will be able to monitor the status of the backup and receive email notifications about the successful completion or failure of the process.
')
The development team of this product had a very difficult task - to create a solution that provides end users of the vCloud platform with a clear and understandable management console, and the owners of the cloud - a powerful set of functionality, will reduce management costs and give public cloud services a source of profit, while how cloud administrators can deploy and configure a solution in less than an hour. We had to revise the architecture many times, to develop and introduce new elements, each time validating them with the aforementioned requirements. In addition, the solution must be easily scalable and reliable enough to meet the standards of the round-the-clock service offered to end users.
The screenshots below show the web interface for end users:
The traditional backup method with the agent inside the guest OS imposes certain restrictions on the service provider (after all, you need to somehow deploy / update agents inside the OS owned by the tenant), therefore Acronis uses the existing vSphere API to back up virtual machines at the vSphere level and the vCloud API Director for authentication in vCloud Director and interaction with it. We also collect all the metadata associated with vCD objects so that we do not lose this information in the future. Using VMware CBT (Change Block Tracking) technology, we accelerate the process of incremental backups, and the Acronis software deduplication component, together with the compression algorithm, helps reduce network traffic and storage space in backups.
As a backup agent, you can use either a Linux-based virtual app, deployed on an ESX (i) host, or a proxy agent on Windows. The solution is easily scaled by adding or removing backup agents. Using a centralized management interface, you can monitor agents, storage, and backup status, as well as configure automatic load balancing or direct binding of agents to virtual machines.
If VMware Tools are installed on virtual machines, then backing up machines with running VSS-compatible applications will not be a problem, since the agent uses VSS in the virtual machine to create consistent snapshot.
ABR for vCloud supports all types of storage that can be used in your data center - NFS, SMB, FTP, FC or iSCSI LUN, even tape devices. You can also set up a script with replication of backups from the core to the secondary storage. Backup without using the network is done by connecting the LUN directly to the agent, which allows you not to download production network with excess traffic.
As shown by numerous surveys, data security is one of the main reasons why people do not switch to cloud services. Although the backup solution cannot guarantee data protection in running virtual machines (there are many other means for this purpose), ABR for vCloud encrypts data in backup copies both during transmission over the network and when backups are in the storage. The encryption feature is available to end users, so if necessary, they can reliably protect their backups using the standard AES-256 algorithm.
Disaster recovery as a service is an extremely popular topic today, especially given the fact that more and more resellers, VAR partners and system integrators are becoming cloud service providers, while supporting infrastructure for disaster recovery is beyond the reach of most small and medium-sized organizations. which require uninterrupted operation and almost zero server downtime. In this case, the ABR for vCloud solution will be very useful because it allows the provider to organize an automatic disaster recovery scenario for almost any local client resources, be it physical servers or VMware / Hyper-V / XEN / KVM / Oracle virtual machines. For DRaaS, Acronis offers two types of scripts, resulting in:
You can easily change the colors of the web interface and put your own logo on it or even integrate the backup solution into your own console or management portal using JSON-based RSON API provided by Acronis.
Two basic licensing schemes are available for this solution - one for providers of public cloud services, the other is more suitable for enterprises with a private vCloud cloud. The first scheme provides for payment as you use, based on monthly bills. Built-in usage reports, in which statistics on several indicators are collected, are available to both providers and tenants. They can be integrated into the provider’s billing system. The second scheme assumes a fixed cost for the number of protected ESX (i) hosts.
Working on this solution, Acronis experts did not just create another commercial product: we treated it as our own initiative, wanted to see how the project was developing and attracting more and more attention, wanted to show it to our colleagues, friends and clients and be proud of our work. During the development process, we interviewed many providers and private cloud owners to find out their requirements, showed them the product at different stages of development and, after receiving feedback, made the necessary changes.
If you are interested in this job, you can quickly evaluate the part of our solution regarding the self-service interface on our page : (registration is required). Additional ABR for vCloud product information is available on the Acronis website.
Let me briefly talk about the advantages of this system.
BaaS and regular backups
Consider the VMware vCloud environment - it allows you to work on the IT-as-a-Service model with public cloud tenants or branches / departments of a large company, providing centralized control and management of infrastructure, and at the same time enables customers to independently manage their resource pools. Backing up is an essential part of the IT world, so why not use the same approach for it? Cloud owners could centrally manage the backup and storage infrastructure, while at the same time letting end users independently manage backup and recovery of their resources. This reduces the costs and time of cloud administrators to restore user resources on demand and develop various backup policies in accordance with the different needs of tenants.
ABR for vCloud allows cloud owners to deploy a backup solution in their datacenter, end users can use the web interface with their vCloud Director credentials, view a list of their vCloud resources (virtual machines and vApps) and set their own backup schedules and storage rules. The end user can also perform the recovery on their own, saving all vCloud settings, including network configuration and other metadata of virtual machines and vApps. The service provider can define storage quotas for organizations and set access rights, giving tenants full control over backup and recovery schedules, or limiting them only to predefined schedules. You can even limit the end user, allowing him to perform only recovery. And, of course, users will be able to monitor the status of the backup and receive email notifications about the successful completion or failure of the process.
')
purpose
The development team of this product had a very difficult task - to create a solution that provides end users of the vCloud platform with a clear and understandable management console, and the owners of the cloud - a powerful set of functionality, will reduce management costs and give public cloud services a source of profit, while how cloud administrators can deploy and configure a solution in less than an hour. We had to revise the architecture many times, to develop and introduce new elements, each time validating them with the aforementioned requirements. In addition, the solution must be easily scalable and reliable enough to meet the standards of the round-the-clock service offered to end users.
The screenshots below show the web interface for end users:
Technology
The traditional backup method with the agent inside the guest OS imposes certain restrictions on the service provider (after all, you need to somehow deploy / update agents inside the OS owned by the tenant), therefore Acronis uses the existing vSphere API to back up virtual machines at the vSphere level and the vCloud API Director for authentication in vCloud Director and interaction with it. We also collect all the metadata associated with vCD objects so that we do not lose this information in the future. Using VMware CBT (Change Block Tracking) technology, we accelerate the process of incremental backups, and the Acronis software deduplication component, together with the compression algorithm, helps reduce network traffic and storage space in backups.
As a backup agent, you can use either a Linux-based virtual app, deployed on an ESX (i) host, or a proxy agent on Windows. The solution is easily scaled by adding or removing backup agents. Using a centralized management interface, you can monitor agents, storage, and backup status, as well as configure automatic load balancing or direct binding of agents to virtual machines.
If VMware Tools are installed on virtual machines, then backing up machines with running VSS-compatible applications will not be a problem, since the agent uses VSS in the virtual machine to create consistent snapshot.
ABR for vCloud supports all types of storage that can be used in your data center - NFS, SMB, FTP, FC or iSCSI LUN, even tape devices. You can also set up a script with replication of backups from the core to the secondary storage. Backup without using the network is done by connecting the LUN directly to the agent, which allows you not to download production network with excess traffic.
As shown by numerous surveys, data security is one of the main reasons why people do not switch to cloud services. Although the backup solution cannot guarantee data protection in running virtual machines (there are many other means for this purpose), ABR for vCloud encrypts data in backup copies both during transmission over the network and when backups are in the storage. The encryption feature is available to end users, so if necessary, they can reliably protect their backups using the standard AES-256 algorithm.
Disaster Recovery as a Service (DRaaS)
Disaster recovery as a service is an extremely popular topic today, especially given the fact that more and more resellers, VAR partners and system integrators are becoming cloud service providers, while supporting infrastructure for disaster recovery is beyond the reach of most small and medium-sized organizations. which require uninterrupted operation and almost zero server downtime. In this case, the ABR for vCloud solution will be very useful because it allows the provider to organize an automatic disaster recovery scenario for almost any local client resources, be it physical servers or VMware / Hyper-V / XEN / KVM / Oracle virtual machines. For DRaaS, Acronis offers two types of scripts, resulting in:
- The end user has backups in the service provider's cloud and a self-service web interface to restore these copies to virtual machines in the vCloud environment.
- The end user has copies of his local servers already raised as virtual machines in the vCloud environment - running or disconnected.
Rebranding and Integration
You can easily change the colors of the web interface and put your own logo on it or even integrate the backup solution into your own console or management portal using JSON-based RSON API provided by Acronis.
Licensing
Two basic licensing schemes are available for this solution - one for providers of public cloud services, the other is more suitable for enterprises with a private vCloud cloud. The first scheme provides for payment as you use, based on monthly bills. Built-in usage reports, in which statistics on several indicators are collected, are available to both providers and tenants. They can be integrated into the provider’s billing system. The second scheme assumes a fixed cost for the number of protected ESX (i) hosts.
Motivation
Working on this solution, Acronis experts did not just create another commercial product: we treated it as our own initiative, wanted to see how the project was developing and attracting more and more attention, wanted to show it to our colleagues, friends and clients and be proud of our work. During the development process, we interviewed many providers and private cloud owners to find out their requirements, showed them the product at different stages of development and, after receiving feedback, made the necessary changes.
If you are interested in this job, you can quickly evaluate the part of our solution regarding the self-service interface on our page : (registration is required). Additional ABR for vCloud product information is available on the Acronis website.
Source: https://habr.com/ru/post/210724/
All Articles