When Veeam Backup & Replication v11 went Generally Available on the 24th of February I posted the What’s in it for Service Providers blog. In that post I briefly outlined all the new features and enhancements in v11 as it related to our Veeam Cloud and Service Provider Partners. As mentioned each new major feature and enhancement listed below deserves its own seperate post. Today I’m kicking off the series with the continued push towards Linux based components in Backup & Replication architectures… the enhancements to the Linux Backup Proxy data movers.
As a reminder here are the top new features and enhancements in Backup & Replication v11 for VCSPs (with links as created)
- Linux Backup Proxy Enhancements and other Linux Enhancements
- Data Integration API Enhancements supporting more platforms
- Continuous Data Protection for VMware Platforms
- VMware Cloud Director to Cloud Director Replication
- VMware Cloud Director Native HTML5 Tenant Portal, SSP Enhancements and 10.2 Support
- Archive Tier, Object Storage and other SOBR Enhancements
- New PowerShell Module and RESTful API
- Hardened Linux Repository for Immutability on Primary Landing Zones
- Enhanced Instant Recovery for Databases and NAS
- Improved Restore to EC2 and Backup for AWS/Azure Support
- Enhanced Linux File-Level Recovery
- Veeam Agents for Windows and Linux v5.0 and Agent for Mac v1.0
Building on v10 Linux Backup Proxy for VMware
The Backup Proxy is an essential component of Veeam Backup & Replication’s distributed architecture. It acts as a data mover, retrieving the data from the production storage, processing it on the fly (compression, deduplication and encryption) and pushing it to the target repository. Prior to v10, it has always been a requirement for a Proxy Server to run on a Windows-based OS, which sometimes wasn’t the best scenario for users due to additional Windows license overhead, automation challenges and whatnot. Version 10 introduced the long-awaited capability to run a Backup Proxy on Linux distributions. This was somewhat tapered by the fact that this was only supported for a Virtual Server with Hot-Add mode which was fine for a number of Service Providers, but for those that preferred Physical Servers or had a requirement for Direct SAN or to backup from a storage snapshot, this was a shortcoming in addition to the fact that Network Mode (NDB) also wasn’t supported.
Enhancing The Linux Backup Proxy in v11
In v11, the Linux Backup Proxy has the following capabilities
- Physical or Virtual
- Network Mode (NDB)
- Direct SAN. (NFS, iSCSI, FC)
- Backup from Storage Snapshot (iSCSI, FC)
- Asynchronous read support for Hot-Add
- Advanced Data Fetcher support
- Quick Rollback / CBT Restore
It shouldn’t be underestimated that the additions to the Linux Proxy functionality in v11 are significant and in almost all cases will allow Service Providers to get rid of all Windows based Proxies in their environments. This will reduce licensing and streamline the time to deploy and configure. Proxies are scalable components in the design of the Veeam platform, especially if there is no need for physical servers.
We have also added the ability for a Persistent Data Mover to be configured on a Linux Proxy (also repository). This involves the transport components deployed persistently when you setup a Linux server. This improves performance and scalability, as data movers no longer require being pushed to the server each time a task starts. There is also enhanced security, when leveraging single-use credentials, the persistent data mover will run as the limited user from the credentials set it was deployed with. As a result, any potential vulnerabilities in the internal data mover API cannot be used by hackers to overtake the operating system. There are also some additions around being able to use PKI infrastructure and new support for elliptic curve (EC)-based SSH key pairs.
Benefit to Service Providers
It is obvious where the value lies for Service Providers with these enhancements. In the v10 release of the Linux Proxy is was heavily restricted to Hot-Add in a virtual machine. Now, with the extended transport modes now supported and the performance additions, it stands almost side by side with the Windows Proxy in terms of functionality and performance. This then allows SPs to free up Windows resources and licenses to streamline services. With the addition of automation tooling like my Proxy AutoDeploy Project Linux proxies are a brilliant way to scale Veeam infrastructure while being more efficient.
Additional Info – Requirements and Limitations for Linux Backup Proxy
In addition to the general requirements and limitations, the following ones apply to Linux backup proxies:
- Linux backup proxies require Veeam Data Mover Service. Therefore, the user account that you specify for the Linux server must be a root user or user elevated to root.
- Linux backup proxies require SSH connection. Therefore, you cannot assign the role of a backup proxy to a Linux server added with single-use credentials.
- The disk.EnableUUID parameter of the Linux server must be set to the TRUE value in the VMware vSphere client.
- Linux backup proxies cannot be used with VMware Cloud on AWS.
- Linux backup proxies that use virtual appliance (Hot-Add) transport mode do not support the VM copy scenario.
- For integration with storage systems: Linux backup proxies do not support the NFS protocol.
- Linux backup proxies cannot be used for guest interaction.