Category Archives: Cloud Connect

Orchestration of NSX by Terraform for Cloud Connect Replication with vCloud Director

That is probably the longest title i’ve ever had on this blog, however I wanted to highlight everything that is contained in this solution. Everything above works together to get the job done. The job in this case, is to configure an NSX Edge automatically using the vCloud Director Terraform provider to allow network connectivity for VMs that have been replicated into a vCloud Director tenant organization with Cloud Connect Replication.

With the release of Update 4 for Veeam Backup & Replication we enhanced Cloud Connect Replication to finally replicate into a Service Providers vCloud Director platform. In doing this we enabled tenants to take advantage of the advanced networking features of the NSX Edge Services Gateway. The only caveat to this was that unlike the existing Hardware Plan mechanism, where tenants where able to configure basic networking on the Network Extension Appliance (NEA), the configuration of the NSX Edge had to be done directly through the vCloud Director Tenant UI.

The Scenario:

When VMs are replicated into a vCD organisation with Cloud Connect Replication the expectation in a full failover is that if a disaster happened on-premises, workloads would be powered on in the service provider cloud and work exactly as if they where still on-premises. Access to services needs to be configured through the edge gateway. The edge gateway is then connected to the replica VMs via the vOrg Network in vCD.

In this example, we have a LAMP based web server that is publishing a WordPress site over HTTP and HTTPs.

The VM is being replicated to a Veeam Cloud Service Provider vCloud Director backed Cloud Connect Replication service.

During a disaster event at the on-premises end, we want to enact a failover of the replica living at in the vCloud Director Virtual Datacenter.

The VM replica will be fired up and the NSX Edge (the Network Extension Appliance pictured is used for partial failovers) associated to the vDC will allow the HTTP and HTTPS to be accessed from the outside world. The internal IP and Subnet of the VM is as it was on-premises. Cloud Connect Replication handles the mapping of the networks as part of the replication job.

Even during the early development days of this feature I was thinking about how this process could be automated somehow. With our previous Cloud Connect Replication networking, we would use the NEA as the edge device and allow basic configuration through the Failover Plan from the Backup & Replication console. That functionality still exists in Update 4, but only for non vCD backed replication.

The obvious way would be to tap into the vCloud Director APIs and configure the Edge directly. Taking that further, we could wrap that up in PowerShell and invoke the APIs from PowerShell, which would allow a simpler way to pass through variables and deal with payloads. However with the power that exists with the Terraform vCloud Director provider, it became a no brainer to leverage this to get the job done.

Configuring NSX Edge with Terraform:

In my previous post around Infrastructure as Code vs APIs I went through a specific example where I configured an NSX Edge using Terraform. I’m not going to go over that again, but what I have done is published that Terraform plan with all the code to GitHub.

The GitHub Project can be found here.

The end result after running the Terraform Plan is:

  • Allowed HTTP, HTTPS, SSH and ICMP access to a VM in a vDC
    • Defined as a variable as the External IP
    • Defined as a variable as the Internal IP
    • Defined as a variable as the vOrg Subnet
  • Configure DNAT rules to allow HTTP, HTTPS and SSH
  • Configure SNAT rule to allow outbound from the vOrg subnet

The variables that align with the VM and vORG network are defined in the terraform.tfvars file and need to be modified to match the on-premises network configuration. The variables are defined in the variables.tf file.

To add additional VMs and/or vOrg networks you will need to define additional variables in both files and add additional entires under the firewall_rules.tf and nat_fules.tf. I will look at ways to make this more elegant using Terraform arrays/lists and programatic constructs in future.

Creating PowerShell for Execution:

The Terraform plan can obviously be run standalone and the NSX Edge configuration can be actioned at any time, but the idea here is to take advantage of the script functionality that exists with Veeam backup and replication jobs and have the Terraform plan run upon completion of the Cloud Connect Replication job every time it is run.

To achieve this we need to create a PowerShell script:

GitHub – configure_vCD_VCCR_NSX_Edge.ps1

The PowerShell script initializes Terraform and downloads the Provider, ensures there is an upgrade in the future and then executes the Terraform plan. Remembering that that variables will change within the Terraform Plan its self, meaning these scripts remain unchanged.

Adding Post Script to Cloud Connect Replication Job:

The final step is to configure the PowerShell script to execute once the Cloud Connect Replication job has been run. This is done via a post script settings that can be found in Job Settings -> Advanced -> Scripts. Drop down to selected ps1 files and choose the location of the script.

That’s all that is required to have the PowerShell script executed once the replication job completes.

End Result:

Once the replication component of the job is complete, the post job script will be executed by the job.

This triggers the PowerShell, which runs the Terraform plan. It will check the existing state of the NSX Edge configuration and work out what configuration needs to be added. From the vCD Tenant UI, you should see the recent tasks list modifications to the NSX Edge Gateway by the user configured to access the vCD APIs via the Provider.

Taking a look at the NSX Edge Firewall and NAT configuration you should see that it has been configured as specified in the Terraform plan.

Which will match the current state of the Terraform plan

Conclusion:

At the end of the day, what we have done is achieved the orchestration of Veeam Cloud Connect Replication together with vCloud Director and NSX… facilitated by Terraform. This is something that Service Providers offering Cloud Connect Replication can provide to their clients as a way for them to define, control and manage the configuration of the NSX edge networking for their replicated infrastructure so that there is access to key services during a DR event.

While there might seem like a lot happening, this is a great example of leveraging Infrastructure as Code to automated as otherwise manual task. Once the Terraform is understood and the variables applied, the configuration of the NSX Edge will be consistent and in a desired state with the config checked and applied on every run of the replication job. The configuration will not fall out of line with what is required during a full failover and will ensure that services are available if a disaster occurs.

References:

https://github.com/anthonyspiteri/automation/tree/master/vccr_vcd_configure_nsx_edge

Update 4 for Service Providers – Targeting vCloud Director with Cloud Connect Replication

When Veeam Backup & Replication 9.5 Update 4 went Generally Available in late January I posted a What’s in it for Service Providers blog. In that post I briefly outlined all the new features and enhancements in Update 4 as it related to our Veeam Cloud and Service Providers. As mentioned each new major feature deserves it’s own seperate post. I’ve covered off the majority of the new feature so far, and for the final post in the series I am looking at something that is close to my heart…vCloud Director Support for Veeam Cloud Connect Replication.

As a reminder here are the top new features and enhancements in Update 4 for VCSPs.

Leveraging the Best of vCloud Director for Stronger DRaaS:

VMware vCloud Director is the de facto standard for service providers who offer Infrastructure as a Service based on VMware and Veeam has had a long history supporting vCloud Director, with the industry’s first support for vCloud Director aware backups released in Veeam Backup & Replication v7 following on with the first stand alone Self Service Backup Portal in v9.5.

With the release of Update 4, we have added support for Veeam Cloud Connect to replicate directly into vCloud Director virtual datacenters, allowing both our Cloud and Service Provider Partners (VCSP) and customers to take advantage of the enhancements VMware has built into the platform. While this has been a long time coming, this support represents a significant enhancement to the way in which our VCSPs offer DRaaS.

With tenants consuming vCloud Director resources, it allows them to take advantage of more powerful features when dealing with full disaster, or the failure of individual workloads. Full and partial failovers will be more transparent with the use of the vCloud Director HTML5 Tenant UI and the vCloud Director HTML5 UI will also allow tenants to see what is happening to workloads as they boot and interact with the guest OS directly. This takes the pressure of the VCSPs helpdesk and gives tenants more control of their replicas once failed over.

Enhanced Edge Networking with NSX:

From a networking point of view, being able to access the NSX Edge Gateway for replicated workloads means that tenants can leverage the advanced networking features available on the NSX Edge Gateway. The Network Extension Appliance did a great job in offering basic network functionality however the NSX Edge offers:

  • Advanced Firewalling and NAT
  • Advanced Dynamic Routing (BGP, OSPF and more)
  • Advanced Load Balancing
  • IPsec and L2VPN
  • SSL VPN
  • SSL Certificate Services

Once a failover has been triggered from the Veeam Backup & Replication Console or via the VCSPs own Portals, the ability to manage and configure everything through the vCloud Director HTML5 UI utilizing NSX via vCloud Director enhances Cloud Connect Replication for both service providers and tenants.

Network Automation During Partial Failovers with the NEA:

There are a number of options that can be used to extend the tenant network to the service provider cloud network when actioning a partial failover. Tenants and service providers can configure:

  • Custom IPsec VPN
  • IPsec or L2VPN via the NSX Edge Gateway
  • NEA to NEA L2 VPN

The Network Extension Appliance is still available for deployment in the same way as before Update 4 and can be used directly from within a vCloud Director virtual datacenter. The NEA’s automate the extension of a tenant network so that the failed over workload can be accessible from the tenant network, even though it resides in the service provider’s environment. The NEA to NEA option is the simplest and most effective way to extend the tenants network to the cloud network.

NOTE: I will be dedicating a seperate blog post to this feature as I believe this is one of the leading innovative features we have as part of Cloud Connect Replication.

vCloud Director 9.7 Compatibility:

Just a quick note to finish that at the time of writing this post, Veeam Backup & Replication 9.5 Update4a does not officially support vCloud Director 9.7. We currently support up to vCloud Director 9.5 but will be looking to add supportability for 9.7 within the next 90 days.

Wrap Up:

DRaaS is something that is only just becoming recognized as something that organizations require as part of their overall data protection strategy. Veeam has had a strong offering delivered through our VCSPs for a while now, with a strong focus on network automation which is typically the hardest part of any DRaaS offering. With Cloud Connect Replication now targeting vCloud Director we now have a very compelling DRaaS product that is simple, flexible and reliable…yet still delivers enterprise grade functionality.

Update 4 for Service Providers – Extending Backup Repositories to Object Storage with Cloud Tier

When Veeam Backup & Replication 9.5 Update 4 went Generally Available in late January I posted a What’s in it for Service Providers blog. In that post I briefly outlined all the new features and enhancements in Update 4 as it related to our Veeam Cloud and Service Providers. As mentioned each new major feature deserves it’s own seperate post. I’ve covered off the majority of the new feature so far, and today i’m covering what I believe is Veeam’s most innovative feature that has been released of late… The Cloud Tier.

As a reminder here are the top new features and enhancements in Update 4 for VCSPs.

Cloud Tier:

When I was in charge of the architecture and design of Service Provider backup platforms, without question the hardest and most challenging aspect of designing the backend storage was how to facilitate storage consumption and growth. The thirst to backup workloads into the cloud continues to grow and with it comes the growth of that data and the desire to store it for longer. Even yesterday I was talking to a large Veeam Cloud & Service Provider who was experiencing similar challenges with managing their Cloud Connect and IaaS backup repositories.

Cloud Tier in Update 4 fundamentally changes the way in which the initial landing zone for backups is designed. With the ability to offload backup data to cheaper storage the Cloud Tier, which is part of the Scale-Out Backup Repository allows for a more streamlined and efficient Performance Tier of backup repository while leveraging scalable Object Storage for the Capacity Tier.

How it Works:

The innovative technology we have built into this feature allows for data to be stripped out of Veeam backup files (which are part of a sealed chain) and offloaded as blocks of data to Object Storage leaving a dehydrated Veeam backup file on the local extents with just the metadata remaining in place. This is done based on a policy that is set against the Scale-out Backup Repository that dictates the operational restore window of which local storage is used as the primary landing zone for backup data and processed as a Tiering Job every four hours. The result is a space saving, smaller footprint on the local storage without sacrificing any of Veeam’s industry-leading recovery operations. This is what truly sets this feature apart and means that even with data residing in the Capacity Tier, you can still perform:

  • Instant VM Recoveries
  • Entire computer and disk-level restores
  • File-level and item-level restores
  • Direct Restore to Amazon EC2, Azure and Azure Stack
What this Means for VCSPs:

Put simply it means that for providers who want to offload backup data to cheaper storage while maintaining a high performance landing zone for more recent backup data to live  the Cloud Tier is highly recommended. If there are existing space issues on the local SOBR repositories, implementing Cloud Tier will relieve pressure and in reality allow VCSPs to not have to seek further hardware purchase to expand the storage platforms backing those repositories.

When it comes to Cloud Connect Backup, the fact that Backup Copy Jobs are statistically the most used form of offsite backup sent to VCSPs the potential for savings is significant. Self contained GFS backup files are prime candidates for the Cloud Tier offload and given that they are generally kept for extended periods of time, means that it also represents a large percentage of data stored on repositories.

Having a look below you can see an example of a Cloud Connect Backup Copy job from the VCSP side when browsing from Explorer.

You can see the GFS files are all about 22MB in size. This is because they are dehydrated VBKs with only metatdata remaining locally. Those files where originally about 10GB before the offload job was run against them.

Wrap Up:

With the small example shown above, VCSPs should be starting to understand the potential impact Cloud Tier can have on the way they design and manage their backup repositories. The the ability to leverage Amazon S3, Azure Blog and any S3 Compatible Object Storage Platform means that VCSPs have the choice in regards to what storage they use for the Capacity Tier. If you are a VCSP and haven’t looked at how Cloud Tier can work for your service offering…what are you waiting for?

Glossary:

Object Storage Repository -> Name given to repository that is backed by Amazon S3, S3, Azure Blob or IBM Cloud

Capacity Tier -> Name given to extent on a SOBR using an Object Storage Repository

Cloud Tier -> Marketing name given to feature in Update 4

Resources:

Harness the power of cloud storage for long-term retention with Veeam Cloud Tier

Quick Look – New Cloud Credentials Manager in Update 4

With the release of Update 4 for Veeam Backup & Replication 9.5 we further enhanced our overall cloud capabilities by adding a number of new features and enhancements that focus on tenants being able to leverage Veeam Cloud and Service Providers as well as Public Cloud services. With the addition of Cloud Mobility, External Repository and Cloud Connect Replication supporting vCloud Director we decided to break out the existing credential manager and create a new manager dedicated to the configuration and management of Cloud specific credentials.

The manager can be accessed by clicking on the top left dropdown menu from the Backup & Replication Console and then choosing Manage Cloud Credentials.

You can use the Cloud Credentials Manager to create and manage all credentials that are planned to use to connect to cloud services.

The following types of credentials can be configured and managed:

  • Veeam Cloud Connect (Backup and Replication for both Hardware Plans and vCD)
  • Amazon AWS (Storage and Compute)
  • Microsoft Azure Storage (Azure Blob)
  • Microsoft Azure Compute (Azure and Azure Stack)

The Cloud Connect credentials are straight forward in terms of what they are used for. There is even a way for non vCloud Director Authenticated tenants to change their own default passwords directly.

When it comes to AWS and Azure credentials the manager will allow you to configure accounts that can be used with Object Storage Repositories, Restore to AWS (new in Update 4), Restore to Azure and Restore to Azure Stack (new in Update 4).

PowerShell is still an Option:

For those that would like to configure these accounts outside of the Backup & Replication Console, there is a full complement of PowerShell commands available via the Veeam PowerShell Snap-in.

As an example, as part of my Configure-Veeam GitHub Project I have a section that configures a new Scale Out Backup Repository with an Object Storage Repository Capacity Tier backed by Amazon S3. The initial part of that code is to create a new Amazon Storage Account.

For a full list of PowerShell capabilities related to this, click here.

So there you go…a very quick look at another new enhancement in Update 4 for Backup & Replication 9.5 that might have gone under the radar.

References:

https://helpcenter.veeam.com/docs/backup/vsphere/cloud_credentials.html?ver=95u4

Update 4 for Service Providers – Tenant Connectivity with Cloud Connect Gateway Pools

When Veeam Backup & Replication 9.5 Update 4 went Generally Available a couple of weeks ago I posted a What’s in it for Service Providers blog. In that post I briefly outlined all the new features and enhancements in Update 4 as it related to our Veeam Cloud and Service Providers. As mentioned each new major feature deserves it’s own seperate post. I’ve covered off Tape as a Service and RBAC Self Service, and today i’m focusing on a much requested feature…Cloud Connect Gateway Pools

As a reminder here are the top new features and enhancements in Update 4 for VCSPs.

Gateway Pools for Cloud Connect

Cloud Connect has become the central mechanism for connectivity and communication between multiple Veeam services. When first launched with Cloud Connect Backup in v8 of Backup & Replication, the Cloud Connect Gateways where used for all secure communications between tenant backup server instances and the Veeam Cloud and Service Provider (VCSP) Cloud Connect backup infrastructure. This expanded to support Cloud Connect Replication in v9 and from there we have added multiple products that rely on communications brokered by Cloud Connect Gateways.

As of today Cloud Connect Gateways facilitate:

  • Cloud Connect Backup
  • Cloud Connect Replication
  • Full and Partial Failovers for Cloud Connect Replication
  • Remote Console Access
  • Veeam Availability Console Tenant and Agent Management
  • Veeam Backup for Microsoft Office 365 Self Service

With regards to acting as the broker for Cloud Connect Backup or Replication, prior to Update 4 the only way in which a VCSP could design and deploy the Gateways was in an all or nothing approach when it came to configuring the IP address and DNS for the service endpoint. When considering VCSPs that also provide connectivity such as MPLS for their customers it meant that to leverage direct connections that might be private the options where to either use the public address or setup a whole new Cloud Connect environment for the customer.

Now with Update 4 and Gateway Pools a VCSP can configure one or many Gateway Pools and allocate one or more Cloud Connect Gateways to those pools. From there, tenants can be assigned to Gateway Pools.

Cloud Gateways in a Gateway Pool operate no differently to regular Cloud Gateways. As with previous Cloud Gateways, If the primary gateway is unavailable, the logic built into Veeam Backup & Replication will failover to another Cloud Gateway in the same pool.

If tenants are not assigned a Cloud Gateway Pool they can use only gateways that are not a part of any cloud gateway pool. That situation is warned in the UI when configuring the gateways.

Wrap Up:

The introduction of Cloud Connect Gateway Pools un Update 4 was undertaken due to direct feedback from our VCSPs who wanted more flexibility in the way in which the Cloud Gateways where deployed and configured for customers. Not only can they be used to seperate tenants connecting from public and private networks, but they can also be used for Quality of Service by assigning a Gateway Pool to specific tenants. They can also be used to control access into a VCSPs Cloud Connect infrastructure if located in different geographic locations.

For a great overview and design considerations of Cloud Connect Gateway Pools and Gateways themselves, check out Luca’s Cloud Connect Book here.

References:

https://helpcenter.veeam.com/docs/backup/cloud/cloud_gateway_pool.html?ver=95u4

Update 4 for Service Providers – Tape as a Service

When Veeam Backup & Replication 9.5 Update 4 went Generally Available a couple of weeks ago I posted a What’s in it for Service Providers blog. In that post I briefly outlined all the new features and enhancements in Update 4 that pertain to our Veeam Cloud and Service Providers. As mentioned each new major feature deserves it’s own seperate post and today I’m kicking off the series with what I feel was probably the least talked about new feature in Update 4…Tape as a Service for Cloud Connect Backup.

As a reminder here are the top new features and enhancements in Update 4 for VCSPs.

Tape as a Service for Cloud Connect Backup:

When we introduced Cloud Connect Backup in version 8 of Backup & Replication we offered the ability for VCSPs to offer a secure, remote offsite repository for their tenants. When thinking about air-gapped backups…though protected at the VCSP end, ultimate control for what was backed up to the Cloud Repository is in the hands of the tenant. From the tenant’s server they could manipulate the backups stored via policy or a malicious user could gain access to the server and delete the offsite copies.

In Update 3 of Backup & Replication 9.5 we added Insider Protection to Cloud Connect Backup, which allowed the VCSP to put a policy on the tenant’s Cloud Repository that would protect backups from a malicious attack. With this option enabled, when a backup or a specific restore point in the backup chain is deleted or aged out from the cloud repository. The actual backup files are not deleted immediately, instead, they are moved to a _RecycleBin folder on the repositories.

In Update 4 we have taken that a step further to add true air-gapped backup options that VCSPs can create services around for longer term retention with the Tenant to Tape feature. This allows a VCSP to offer additional level of data protection for their tenants. The tenant sends a copy of the backup data to their cloud repository, and the VCSP then configures backup to tape to send another copy to the tape media. If there is a situation that requires recovery if data in the cloud repository becomes unavailable, the VCSP can initiate a restore from tape.

VCSPs can also offer a tape out services to help their tenants achieve compliance and internal policies without maintaining their own tape infrastructure. Tapes can be stored by the service providers, or shipped back to tenant as shown in the diagram below.

To take advantage of this new Update 4 feature VCSPs will need to configure Tape Infrastructure on the Cloud Connect server. What’s great about Veeam is that we have the option to use traditional tape infrastructure or take advantage of Virtual Tape Libraries (VTLs) which can then be backed by Object Storage such as Amazon S3. I am not going to walk through that process in this post, there are a number of blogs and White Papers available that guide you on the setup of an Amazon Storage Gateway to use as a VTL.

Once the Tape Infrastructure is in place, as a VCSP with a Cloud Connect license when you upgrade to Update 4, under Tape Infrastructure you will see a new option called Tenant to Tape.

A tenant backup to tape job is a variant of a backup to tape job targeted at a GFS Media Pool which is available for Veeam customers with regular licensing. What’s interesting about this feature is that there are a number of options that allow flexibility on how the jobs are created which also leads to a change of use case for the feature depending on which option is chosen.

Choosing Backup Jobs will allow VCSPs to add any jobs that may be registered on the Cloud Connect server…though in reality there shouldn’t be any configured due to licensing constraints. The other two options provide the different use cases.

Backup Repositories:

This allows the VCSP to backup to tape one or more cloud repositories that can contain one or multiple tenants. The can allow the VCSP to backup the Cloud Connect repository in whole to an offsite location for longer term retention.

The ability to archive tenant Cloud Connect Backups to tape can help VCSPs protect their own infrastructure against disasters that may result in loss of tenant data. It can be used as another level of revenue generating service. As an example, there could be two service offerings for Cloud Connect Backup… one with a basic SLA which only has one copy of the backup data stored… and another with an advanced SLA that has data saved in two locations…the Cloud Connect Repository and the tape media. 

Tenants:

This option offers a lot more granularity and gives the VCSP the ability to offer an additional level of protection on a per tenant level. In fact you can also drill down to the Tenant repository level and select individual repositories if tenants have more than one configured.

Again, this can be done per tenant, or there can be one master job for all tenants.

It’s important to understand that all tasks within the tenant backup to tape feature are performed by the VCSP. Unless the VCSP has created a portal that has information about the jobs, the tenant is generally unaware of the tape infrastructure and the tenant can’t view or manage backup to tape jobs configured or perform operations with backups created by these jobs. There is scope for VCSPs to integrate such jobs and actions into their automation portals for self service.

Restores:

VCSPs can restore tenant data from tape for one tenant or more tenants at the same time. The restore can go to the original location or to a new location or be exported to backup files on local disk

Wrap Up:

Tenant to Tape or Tape as a Service for Cloud Connect Backup was a feature that didn’t get much airplay in the lead-up to the Update 4 launch, however it give VCSPs more options to protect tenant data and truly offer an air-gapped solution to better protect that data.

References:

https://www.veeam.com/wp-using-aws-vtl-gateway-deployment-guide.html

https://aws.amazon.com/about-aws/whats-new/2016/08/backup-and-archive-to-aws-storage-gateway-vtl-with-veeam-backup-and-replication-v9/

Backup & Replication 9.5 Update 4 – What’s In It For Service Providers

For ten plus years Veeam has continued to develop new innovative features and enhancements supporting our Cloud and Service Provider partners. As I posted earlier this week, there is a proven track record built upon a strong foundation of Veeam technology that backs up our strong leadership position in the Service Provider space. This accelerated in v7 with vCloud Director support…continued with Cloud Connect Backup in v8, Cloud Connect Replication in the v9 release and even more through the Backup and Replication 9.5 releases and Updates.

In my initial v9.5 Update 4 Top New Features post I covered off new core features and enhancements that are included in Update 4. Specifically there are a number of new features that VCSPs can take advantage of…

Over the next few weeks I am going to deep dive into each of the features listed above as they all deserve their own dedicated blog posts. With a release as huge as this, there is no shortage of content that can be created off the back up Update 4!

Beyond the core enhancements, there are also a significant number of general enhancements that are referenced in the What’s New Document. I’ve gone through that document and pulled out the ones that relate specifically to Cloud and Service Provider operations for those running IaaS and B/R/DRaaS offerings.

  • Maximum supported individual disk size and backup file size have been increased 10 times. With the default 1MB block size, the new theoretical VBK format maximums are 120TB for each disk in backup. Tested maximum is 100TB for both individual disks and backup files.
  • Optimized backup job initialization and finalization steps, resulting in up to 50% times faster backups of small VMs
  • Added experimental support for block cloning on deduplicated files for Windows Server 2019 ReFS
  • vPower NFS write cache performance has been improved, significantly improving I/O performance of instantly recovered VMs and making a better use of SSD drives often dedicated by customers to write cache.
  • vPower NFS scalability has been improved to more efficiently leverage expanded I/O capacity of scale-out backup repository for increased number of VMs that can be running concurrently
  • Support for Paravirtual SCSI controllers with more than 16 disks attached
  • Added JSON support
  • Added RESTful API coverage for viewing and managing agent-based jobs and their backups
  • Added the ability to export the selected restore point of a particular object in the backup job as a standalone full backup file (VBK)
  • Added ability to instantly publish a point-in-time state of any backed-up database to the selected SQL Server for dev/test purposes by running the database directly from the backup file
  • Added the ability to export a point-in-time state of any backed up database to a native SQL Server backup (.BAK file) to simplify the process of providing the database backup to SQL developers, BaaS clients or Microsoft Support
  • Added the ability to schedule Active Full backups on a particular day of the month, as opposed to just weekdays
  • Instant recovery of agent backups to a Hyper-V VM now support Windows 10 Hyper-V as the target hypervisor. This is particularly useful for managed service providers by enabling them to create low-cost all-in-one BCDR appliances to deploy at their clients’ premises.

What I pulled out above is just a small subset of all the general enhancements in Update 4. For Cloud Connect, there is a Post in the Veeam Forums here that goes through specific new features and enhancements in greater detail as well as fixes and known issues.

Stay tuned for future posts on the core new features and enhancements in Update 4 for Veeam Cloud and Service Providers.

References:

https://www.veeam.com/kb2878

http://www.veeam.com/veeam_backup_9_5_whats_new_wn.pdf

http://www.veeam.com/veeam_backup_9_5_u4_release_notes_rn.pdf

Veeam for Service Providers…Ten Plus Years of Innovation!

I remember the day I first came across Veeam. It was mid 2010 and I was working for Anittel at the time. We had a large virtualisation platform that hosted a number of high profile sites including a well known e-commerce site. There had been a serious data breach on one of those site and we were required by the Australian Federal Police to restore the website logs from a couple weeks back when the breach had first taken place.

We were using a well known product at the time to backup our vSphere platform and from the outside everything seemed ok. All backup reports where green and we thought the backups where verified. To cut a long and painful story short, when we came to restore the website logs we found that the backups had not worked as expected and we couldn’t retrieve data off a secondary partition due to a huge unknown bug in the software.

That was the end for that backup application (and interestingly enough they went out of business a few years later) and that afternoon we downloaded Veeam Backup & Replication v4 and went to work pushing that out into production. We (and I have) never looked back from there. Veeam did in fact Just Work! At that stage there were enough features in the software to cover all of the requirements for a VMware based hosting platform, and over the years as v5 and v6 were released more and more features and enhancements were released that made Veeam even better service providers.

By the time I left Anittel and headed to Zettagrid, Veeam had introduced more innovative features like Instant VM Recovery, vCloud Director Support, Cloud Connect Backup, the Scale Out Backup Repository just to name a few. In fact Veeam impressed me so much with their Service Provider features that I joined the company where I now focus my time on working with Service Providers as part of the Veeam Product Strategy Team focusing on our cloud and service providers products and features.

While I could bang on about all the features that Veeam has released over the years to enable us to become a significant player in the Cloud and Service Provider space, a picture tells a thousand words…and an interactive timeline showing just how innovative and focused Veeam has been on enabling our Cloud and Service Provider partners to succeed is priceless!

No other vendor has this track record of producing specific Cloud and Service Provider features and enhancements over the years and as you can see over the last three to five years we have moved with the industry to continue innovating in the cloud space by accelerating feature development and bringing great technology to the market.

If you are a Cloud and Service Provider and not using Veeam…what are you waiting for?

https://anthonyspiteri.net/veeam-vcsp-reverse-roadmap/

VCSP Important Notice: 9.5 Update 4 RTM Is Out…With vCloud Director Replication Support and more!

Today, Veeam has made available to our VCSP partners the RTM of Update 4 for Backup & Replication 9.5 (Build 9.5.4.2399). Update 4 is what we term a breaking update, meaning that if a Cloud Connect tenant upgrades from any previous 9.5 version before VCSPs this will break backup or replication functionality. With that in mind the RTM has been made available for our VCSP partners to ensure it is installed and tested before being pushed out to production before the GA release.

Veeam Backup & Replication releases from 9.0 (build 9.0.0.1715) can write backups via Cloud Connect to a cloud repository on 9.5 Update 4. For Cloud Connect Replication, existing Hardware Plan based replicas can go to a cloud host on 9.5 Update 4. To take advantage of the new vCloud Director based replication, tenants need to also be on Update 4.

As I detailed yesterday, there are a number of updates that need to be applied to Veeam ONE, Veeam Availability Console and Veeam Backup for Microsoft Office 365.

VCSP Features and Enhancements:

Update 4 is a very significant update and contains a number of enhancements and known issue fixes with a lot of those enhancements aimed at improving the scalability of the Backup & Replication platform that VCSPs can take advantage of. One important note is around the new Instance-based licensing model that all VCSPs should be aware of. There is an initial guide here, information in the VCSP Forums and there will be emails sent to explain the changes.

  • vCloud Director support – Massive Feature Enhancement! Simplifies setting up Veeam based DRaaS for Service Provides with vCD, and enhances tenants experience with additional capabilities provided by vCD
  • Capacity Tier – Move tenant’s backup files as they age out of operational restore window to a cheaper storage – AWS S3, Azure Blob or on premises object storage
  • Gateway pools – Create and assign pools of cloud gateways to the tenants
  • Tenant to tape jobs – Cloud Connect backups can be written to tape with the hand of GFS media pool and Backup to Tape jobs
  • Tenant-driven password change – Tenants can now change the password they use to connect to the service provider by editing one on the registered service provider
  • Platform Support – vCloud Director 9.5, VMware 6.7 Update 1 and Windows 2019 (1809) support.

There has also been a lot of work to improve and enhance scalability in the Backup & Replication Cloud Connect functionality to accomodate the increasing usage of Veeam Agent for Windows and Linux of which there is a new version (3.0) coming at the same time of Update 4 GA. For Veeam Availability Console, Update 4 will be taken advantage of fully in the upcoming major release a little later after the Update 4 GA.

Conclusion:

Once again, Update 4 for Veeam Backup & Replication is an important update to apply for VCSPs running Cloud Connect services in preparation for the GA release which will happen in about two weeks at our Velocity event. Once released I’ll link to the VeeamKB for a detailed look at the fixes but for the moment, if you have the ability to download the update do so and have it applied to your instances. For more info in the RTM, head to the VCSP Forum post here.

Important Updates for VAC, VBO and Veeam ONE … Update 4 is Coming!

Things are moving here at Veeam with the impending release of Veeam Backup & Replication 9.5 Update 4. In preparation for the release there have been a number of update patches released for our supporting platform products. Importantly for our Veeam Cloud and Service Providers who are expected to receive RTM details any day now, it’s important to understand that the following patches need to be applied ASAP before your main IaaS Veeam or Cloud Connect instances are updated to Update 4.

https://www.veeam.com/kb2832 – Veeam ONE
https://www.veeam.com/kb2835 – Veeam Availability Console
https://www.veeam.com/kb2809 – Veeam Backup for Microsoft Office 365

For Veeam ONE there is a little manual work to be done by way of an MSSQL script. If not executed before Update 4 is deployed, Veeam Cloud Connect monitoring and reporting in Veeam ONE 9.5 Update 3 will stop working.

For Veeam Availability Console,

the patch update is a Cumulative Patch for Update 1 of 2.0. This adds immediate compatibility support for Veeam Backup & Replication 9.5 Update 4 as well as Cloud Connect 9.5 Update 4 compatibility support which is how VAC does it’s communicating between the server instance and remote sites for monitoring and management of remote Backup Servers and Agents. Note that there are new features in Update 4 which will not be supported in this version of VAC…the next major release of VAC will add supportability for those features not supported.

As well as the Update 4 compatibility, there are also a number of resolved issues, the full list of which can be viewed in the VeeamKB. To apply the patch, head to the VeeamKB and follow the instructions. You need to have at least VAC 2.0 Update 1 Build 2.0.2.1750 as shown below.

From there, make sure you have a backup of the database, close down the Web UI and execute all three MSI packages as administrator on the server.

Once completed the patches are applied and VAC 2.0 Update 1 is up to date running on version number Server Version 2.0.2.1913. Note that updated Windows for Agent Builds have been pushed out and can be upgraded as per my post a few months back.

For Veeam Backup for Microsoft Office 365,

It’s important to note that standalone instances and also those installed ontop of instances with Veeam Backup & Replication Update 4, which would be most VCSPs who are utilising the Self Service feature through Cloud Connect need to be updated. DO NOT install on those running Update 3 or 3a. You need to running at least 2.0.0.567 or 2.0.0.594 before installing this cumulative patch before updating.

Like the Update patch for VAC, this is a Cumulative Patch and also includes a number of important resolved issues relating to SharePoint and OneDrive, Exchange Online, restore operations and general server fixes. The full list can be found in the Resolved Issues section of the VeeamKB. For those with tenants that run the Explorers for Exchange or SharePoint seperate to an installation of Veeam Backup & Replication 9.5 or those running pre Update 4 versions, there are also upgrades for both contained in the patch release.

All set for Update 4!

With all that in place, VCSPs should be ready to deploy the RTM of Update 4 when it becomes available. Stay tuned for more information on that front. There is lots to love about Update 4 for Service Providers and customers alike!

 

« Older Entries