Monthly Archives: November 2017

AWS re:Invent – Expectations from a VM Hugger…

Today is the first day offical day of AWS re:Invent 2017 and things are kicking off with the global partner summit. Today also is my first day of AWS re:Invent and I am looking forward to experiencing a different type of big IT conference with all previous experiences being at VMworld or the old Microsoft Tech Eds. Just buy looking at the agenda, schedule and content catalog I can already tell re:Invent is a very very different type of IT conference.

As you may or may not know I started this blog as Hosting is Life! and the first half of my career was spent around hosting applications and web services…in that I gravitated towards looking at AWS solutions to help compliment the hosting platforms I looked after and I was actively using a few AWS services in 2011 and 2012 and attended a couple of AWS courses. After joining Zettagrid my use of AWS decreased and it wasn’t until Veeam announced supportability for AWS storage as part of our v10 announcements that I decided to get back into the swing of things.

Subsequently we announced Veeam Availability for AWS which leverages EBS snapshots to perform agentless backups of AWS instances and more recently we where announced as a launch partner for VMware Cloud on AWS data availability solutions. For me, the fact that VMware have jumped into bed with AWS has obviously raised AWS’s profile in the VMware community and it’s certainly being seen as the cool thing to know (or claim to know) within the ecosystem.

Veeam isn’t the only backup vendor looking to leverage what AWS has to offer by way of extending availability into the hyper-scale cloud and every leading vendor is rushing to claim features that offload backups to AWS cloud storage as well as offering services to protect native AWS workloads…as with IT Pros this is also the in thing!

Apart from backup and availability, my sessions are focused on storage, compute, scalability and scale as well as some sessions on home automation with Alexa and alike. This years re:Invent is 100% a learning experience and I am looking forward to attending a lot of sessions and taking a lot of notes. I might even come out taking the whole serverless thing a little more seriously!

Moving away from the tech the AWS world is one that I am currently removed from…unlike the VMware ecosystem and VMworld I wouldn’t know 95% of the people delivering sessions and I certainly don’t know much about the AWS community. While I can’t fix that by just being here this week, I can certainly use this week as a launching pad to get myself more entrenched with the technology, the ecosystem and the community.

Looking forward to the week and please reach out if you are around.

VCSP Important Notice: 9.5 Update 3 RTM Is Out…With Insider Protection and more!

Earlier this week, Veeam made available to our VCSP partners the RTM of Update 3 for Backup & Replication 9.5 (Build 9.5.0.1335). Update 3 is what we term a breaking update, meaning that if a Cloud Connect tenant upgrades from any previous 9.5 version before VCSPs this will break backup or replication functionality. With that in mind the RTM has been made available for our VCSP partners to ensure it is installed and tested before being pushed out to production before the GA release. Veeam Backup & Replication releases from 8.0 (build 8.0.0.2084) can write backups to a cloud repository on 9.5 Update 3, and any release from 9.0 (build 9.0.0.902) can write replicas to a cloud host on 9.5 Update 3.

Update 3 is a very significant update and contains a number of enhancements and known issue fixes with a lot of those enhancements aimed at improving the scalability of the Backup & Replication platform that VCSPs can take advantage of. One important note is around new licensing for Cloud Connect Backup that all VCSPs should be aware of. There is a detailed post in the VCSP Forums and there will be emails sent to explains the changes.

We have also pushed out a number new features for our VCSPs with two of them highlighted below. One of which is the new Insider Protection feature or Recycle Bin for Cloud Connect Backups and the other is the a long awaited ask from our providers in the Maintenance Mode for Cloud Connect.

  • Insider protection: Option to hold backups deleted from a tenant’s cloud repository in a “recycle bin” folder for a designated period of time. For more information, see this post in the VCSP forum.

    • Maintenance Mode: Allows you to temporarily stop tenant backup and backup copy tasks from writing to cloud repositories. Already running tenant tasks are allowed to finish, but new tenant tasks fail with an error message indicating that the service provider infrastructure is undergoing maintenance. This is supported at the tenant end in 9.5 Update 3 GA, Agent for Windows 2.1 and Agent for Linux 2.0.

There has also been a lot of work to improve and enhance scalability in the Backup & Replication Cloud Connect functionality to accomodate the increasing usage of Veeam Agent for Windows of which there is a new version (2.1) coming in early December and prepare for the release of Veeam Agent for Linux (2.0) that will include support for backups to be sent to Cloud Connect repositories. For the recently released Veeam Availability Console, Update 3 is 100% compatible with the 2.0 GA (Build 2.0.1.1319) released last week and is good from Update 2 or later.

Conclusion:

Once again, Update 3 for Veeam Backup & Replication is an important update to apply for VCSPs running Cloud Connect services in preparation for the GA release which will happen in about two weeks. Once released I’ll link to the VeeamKB for a detailed look at the fixes but for the moment, if you have the ability to download the update do so and have it applied to your instances. For more info in the RTM, head to the VCSP Forum post here.

Released: NSX-v 6.3.5 and New Features and Fixes

Last week VMware released NSX-v 6.3.5 (Build 7119875) that contains a few new features and addresses a number of bug fixes from previous releases. Going through the release notes there are a lot of known issues that should be known and there are more than a few that apply to service providers…specifically there are a lot around Logical and Edge Routing functions. The other interesting point to highlight about this release is that this is apparently the same build that runs on VMware on AWS instances as mentioned by Ray Budavari.

The new features in this build are:

  • For vCenter 6.5 and later, Guest Introspection VM’s, on deployment, will be named Guest Introspection (XX.XX.XX.XX), where XX.XX.XX.XX is the IPv4 address of the host on which the GI machine resides. This occurs during the initial deployment of GI.
  • Guest Introspection service VM will now ignore network events sent by guest VMs unless Identify Firewall or Endpoint Monitoring is enabled
  • You can also modify the threshold for CPU and memory usage system events with this API: PUT /api/2.0/endpointsecurity/usvmstats/usvmhealththresholds
  • Serviceability enhancements to L2 VPN including
    • Changing and/or enabling logging on the fly, without a process restart
    • Enhanced logging
    • Tunnel state and statistics
    • CLI enhancements
    • Events for tunnel status changes
  • Forwarded syslog messages now include additional details previously only visible on the vSphere Web Client
  • Host prep now has troubleshooting enhancements, including additional information for “not ready” errors

That last new feature above is seen below…you can see the EAM Status message just below the NSX Manager IP which is a nice touch given the issues that can happen if EAM is down.

If you click on the Not Ready Installation Status you now get a more detailed report of what could be wrong and suggestions of how to resolve.

Important Fixes :

  • VMs migrated from 6.0.x can cause host PSOD When upgrading a cluster from 6.0.x to 6.2.3-6.2.8 or 6.3.x, the VM state exported can be corrupted and cause the receiving host to PSOD
  • “Upgrade Available” link not shown if cluster has an alarm. Users are not be able to push the new service spec to EAM because the link is missing and the service will not be upgraded
  • NSX Manager crashes with high NSX Manager CPU NSX Manager has an OOM (out of memory) error and continuously restarts
  • NSX Controller memory increases with hardware VTEP configuration causing high CPU usage A controller process memory increase is seen with hardware VTEP configurations running for few days. The memory increase causes high CPU usage that lasts for some time (minutes) while the controller recovers the memory. During this time the data path is affected
  • Translated IPs are not getting added to vNIC filters which is causing Distributed Firewall to drop traffic When new VMs are deployed, the vNIC filters do not get updated with the right set of IPs causing Distributed Firewall to block the traffic.

Those with the correct entitlements can download NSX-v 6.3.5 here.

References:

https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.3/rn/releasenotes_nsx_vsphere_635.html

Veeam Availability Console – What’s in it for Service Providers

Today, the Veeam Availability Console was made GA meaning that after a long wait our new multi-tenant service provider management and reporting platform is available for download. VAC is an significant evolution of the Managed Backup Portal that was released in 2016 and acts as a central portal for Veeam Cloud and Service Providers to remotely manage and monitor customer instances of Backup & Replication including the ability to monitor Cloud Connect Backup and Replication jobs and failover plans. It also is the central mechanism to deploy and manage (Windows) agents which includes the ability to install agents onto on-premises machines and apply policies to those agents once deployed.

Veeam® Availability Console is a cloud-enabled platform built specifically for Veeam Cloud & Service Provider (VCSP) partners and resellers looking to launch a managed services business. Through its ability to remotely provision, manage and monitor virtual, physical and cloud-based Veeam environments without any special connectivity requirements, Veeam Availability Console enables you to increase revenue and add value to all your customers.

  • Simplified Setup – now allowing on-premises installs
  • Remote backup agent management and monitoring
  • Remote discovery and deployment with enhanced support for Veeam Cloud Connect
  • Web-based multi-tenant portal
  • Native billing and RESTful APIs
Cloud Connect Requirement:

The Cloud Connect Gateway is central to how the Veeam Availability Console operates and all management traffic is tunneled through the Cloud Connect Gateways. If you are a current VCSP offering Cloud Connect services then you already have the infrastructure in place to facilitate VAC, however if you are not a Cloud Connect partner you can apply for a special key that will enable you to deploy a Gateway without the need for specific Cloud Connect backup or Replication licenses.

For a deeper look at VAC architecture for Service Providers, head to Luca Dell’Oca’s VAC series here.

Designed for Service Providers First:

The Veeam Availability Console was designed from the ground up for Service Providers (there is an Enterprise version available) and contains a rich set of APIs that can be consumed for automation and provisioning purposes. There is also a three tier multi-tenancy design allowing VCSPs the ability to create restricted accounts for their partners or resellers from which in turn, another level of accounts can be created for their customers or tenants.

The multi-tenancy aspect means that partners/resellers and customers can control their own backups centrally from the console. Reporting on backup jobs can be viewed and a mechanism to control those jobs is available allowing retry/stop/start tasks against those jobs. If that’s not enough control or more troubleshooting on failed jobs needs to be done the Remote Console feature introduced in Veeam Backup & Replication Update 2 has been integrated into the console.

VAC also includes built in reporting and billing functionality which enables VCSPs who don’t have the capability for automated reporting and billing to offer that to their customers. The reporting can be accessed via the API meaning that if an existing billing engine is being used there is the possibility to have that interface with VAC to pull out key data points.

The Service Provider Opportunity:

Over the past year I’ve talked a lot about the opportunity that exists for Veeam’s Cloud and Service Providers to take advantage of the opportunity that exists with Veeam’s Agents to capture backups for workloads that previously were out of reach. VAC is central to this and opens up the ability to backup instances that live on-premises (physical or virtual) or in any public cloud hyper-scaler or otherwise.

If you are a reseller looking to cash in on the growing data availability market then you should be looking at how VAC can help you get started by leveraging the features mentioned above . Secondly, if you a reseller and not running Cloud Connect Backup or Replication then the time is right to start looking at getting Cloud Connect deployed and start generating revenue around backup and replication services.

For those existing VCSPs that are offering Cloud Connect services, adding VAC into the mix will allow you to take advantage of the agent opportunity that exists as shown above while also adding value to your existing Managed Backup and Cloud Connect services.

References and Product Guides:

https://www.veeam.com/vac_2_0_release_notes_rn.pdf

https://helpcenter.veeam.com/docs/vac/deployment/about.html?ver=20

https://www.veeam.com/availability-console-service-providers-faq.html

https://www.veeam.com/vac_2_0_whats_new_wn.pdf