my personal blog about systemcenter

All posts in DPM

Deploying Data Protection Manager in a dedicated domain

Categories: Active Directory, Data Protection Manager, Disaster Recovery, DPM, Hyper-V
Comments Off on Deploying Data Protection Manager in a dedicated domain

Data Protection and the ability recover data is key to keeping your job and your company alive.

The demo setup thats is going to be used in this post are

  • PROTECTDC01 Domain Controller in the PROTECT Forest
  • PROTECTDC02 Domain Controller in the PROTECT Forest
  • PROTECTDDPM01 Data Protection Manager Server in the PROTECT Forest
  • FABRICDC01 Domain Controller in the FABRIC Forest
  • FABRICDC02 Domain Controller in the FABRIC Forest
  • FABRICHV01-04 Hyper-V HyperConverged Instal
  • FABRICHVC01 Hyper-V Cluster with member FABRICHV01-04
  • WORKLOAD01-05 Virtual Workload in the FABRIC Hyper-V Cluster

As this is a test enviroment everything are stuck on one box.

For the real world deployment the FABRIC and PROTECT domain must be seperated , the whole point in this post will be if you for some reason get compromised in your FABRIC domain , you will still have access to the PROTECT domain and maintain the ability to recover your data.

This also means that in a larger enviroment you can easier seperate the roles so one team wont have access to both source and target of backup data

We do in the example log in interative on the fabric domain , so if the host is compromised before agent install the protect domain is going down the same path , so there is still some work to be done but beats having everything in one domain.

image

On the PROTECT domain setup DNS forwarders to the FABRIC domain

image

And in Reverse to get name resolution up and running up between the two forests

image

Setting up the trust

image

Setting up the trust

image

for this test forest-wide is used , tighter security can be used with selective authentication

image

On the 4 Hyper-V Hosts we add the DPM account from the protect domain


image

We then add the DPM agent to all Hyper-V hosts and run the

SetDPMServer –dpmservername protectdpm01.protect.azurestack.coffee  , this connects the Hyper-V host to the remote DPM server

image

On the data protection manager , we use Attach Agents

image

And we add the 4 Hyper-V hosts manually

image

And we now have all 4 servers

image

use credentials in the fabric domain or the dpm account to attach the agent


image

Sucess

image

Create a protection group browse to the VM’s and add them

And we can now backup from a dedicated domain from the Fabric domain



This post will cover the basics for settings up integration with Amazon Virtual Tape Library with AWS/Glacier as target

Microsoft have a competing solution that integrations Azure into the Data Protection Manager Console , that have been covered in earlier post and will be covered more in a post where the two solutions is being compared

Amazon Virtual Tape library is a low cost highly flexible solution and below if their own description of the device

Gateway-Virtual Tape Library (Gateway-VTL): With Gateway-VTL you can have a limitless collection of virtual tapes. Each virtual tape can be stored in a Virtual Tape Library backed by Amazon S3 or a Virtual Tape Shelf backed by Amazon Glacier. The Virtual Tape Library exposes an industry standard iSCSI interface which provides your backup application with on-line access to the virtual tapes. When you no longer require immediate or frequent access to data contained on a virtual tape, you can use your backup application to move it from its Virtual Tape Library to your Virtual Tape Shelf in order to further reduce your storage costs.

Pricing is difference from each region , and long term storage cost is alot cheaper than “near” online storage.

So its time to grab a excel jedi and calculate the cost vs Azure vs Tape

image

image

Amazon have a very good guide to setup a new gateway , suppport requirement for Hyper-V is right now 2008 R2 , this test is on 2012 R2 so unsupported and not usable for production until Amazon gets the VTL upgraded.

image

The gateway have 3 modes , this post will cover the Virtual Tape Library mode and not the other operations.

Supported Hypervisors and Host Requirements

You may choose to run AWS Storage Gateway either on-premises, as a virtual machine appliance, or in AWS, as an Amazon EC2 instance.

AWS Storage Gateway supports the following hosts for deployment on your premises:

VMware ESXi Hypervisor (version 4.1 or 5.0). A free version of VMware is available on the VMware website. You will also need a VMware vSphere client to connect to the host.

Microsoft Hyper-V 2008 R2. A free, standalone version of Hyper-V is available at the Microsoft Download Center. You will need a Microsoft Hyper-V Manager on a Windows client computer to connect to the host.

Supported Backup Software (Gateway-VTL Only)

Typically, you will use a backup application to read, write, and manage tapes with a gateway-VTL.

The following lists the third-party backup software that Gateway-VTL supports.

Microsoft System Center 2012 R2 Data Protection Manager

image

I want to run the AWS Storage Gateway on Microsoft Hyper-V

image

Download the AWS Storage Gateway Virtual Machine (VM) software. Unzip the downloaded file and make note of the location of the folder that was created.

image

Using Microsoft Hyper-V Manager client, connect to the host hypervisor that you will be using to run the AWS Storage Gateway.

image

Since we cant use the template out of the box we create a new machine

image

Select name and location

image

and Generation 1

image

for testing purpose i set the vm to 8gb of memory and 4 cpu’s

image

And added a nic , this test uses one nic both for iscsi to the VTL and to transfer to the internet this can be seperated

image

Use the VHD supplied from the image from Amazon

image

Your gateway prepares and buffers your application data for upload to AWS by temporarily storing this data on disks referred to as upload buffer.

Using your Hyper-V Manager client, allocate one or more local disks to your gateway VM for your gateway’s upload buffer. To estimate the amount of upload buffer your gateway requires, use the approximate data you plan to virtual tape cartridges on a daily basis. It is strongly recommended that you allocate at least 150 GBs of upload buffer. You can refer to our documentation for a more precise calculation.

image

for testing i added a small workload so we didnt need large cache files locally

image

image

image

image

So 2 files og 256GB was added to the VM

image

time to power on the VM

image

hit 2 Static Ip Address

image

image

add the ip address on the gateway activation

image

Select the Medium Changer STK-L700 for Data Protection Manager Support

image

Its time to create some virtual tapes

image

First step is to setup the Upload and Cache on the 2 drives created on the VM

image

image

100GB tapes with a prefix for TEST

image

And we now have a virtual tape libray and LTO drives

image

On the DPM server connect through ISCSI to the VTL VM

image

image

Connect the 10 drives and the media changer

image

In device manager update the unknow media changer to Sonly A500C

http://docs.aws.amazon.com/storagegateway/latest/userguide/backup-DPM.html

image

image

in DPM hit Rescan under Library

image

You will see the Libray and 10 stand alone drives

image

Hit “Add Tape” to impor the virtual tapes

image

image

net stop DPMLA

The DPMLA service is stopping..
The DPMLA service was stopped successfully.

STOP the loader service

C:\Program Files\Microsoft System Center 2012 R2\DPM\DPM\bin>DPMDriveMappingTool

.exe
Performing Device Inventory …
Mapping Drives to Library …
Adding Standalone Drives …
Writing the Map File …
Drive Mapping Completed Successfully.

Run the DPMDriveMappingTool

C:\Program Files\Microsoft System Center 2012 R2\DPM\DPM\bin>net start dpmla

Start the Loader service

The DPMLA service was started successfully.

C:\Program Files\Microsoft System Center 2012 R2\DPM\DPM\bin>

image

Rescan the library again

image

And you should see a loader with 1600 slos and 10 drives

image

Run a detailed inventory, note since its 1600 slots its takes 10-15 minutes on my test machine

image

And we now have something to backup to

image

Modify the protection group to add Long Term Storage

image

Select a fitting schedule

image

For testing i only uses one drive and compression not encryption , security will be convered in a future post

image

Create Recovery Point

image

And select long term recovery

image

and we know have backup to cloud instead of local tape drive.

Next post will cover more detailed monitoring of cache/buffer and tape handling in Amazon


Data Protection Manager 2012 R2 UR4 Support SQL 2014

Categories: Data Protection Manager, DPM, SQL
Comments Off on Data Protection Manager 2012 R2 UR4 Support SQL 2014

With the release of update rollup 4 for Data Protection Manager 2012 R2 , it is now supported to protect a remote SQL server running SQL 2014 (about time)

http://blogs.technet.com/b/dpm/archive/2014/10/29/protect-sql-server-2014-using-dpm-2012-r2.aspx

There are still some features that isnt supported to test and verify , v.next will support/require SQL 2014 as DPM database target but in 2012 R2 UR4 its protected data only

Install is pretty straight forware as usual

Push the agent , will require a reboot due to updated filter driver

clip_image002

After server have been reboottet verify that SYSTEM have sysadmin rights on the SQL server you want to protect

image

Create new protection group

image

Select Servers

image

browse the SQL instance , and select auto to ensure that all databases will be added

image

Name the protection protectoin group , in the demo setup there is no tape libarary so short term only

image

And a hourly backup

image

Sucess ! Smiley

image

and a few minutes later we now have a valid backup , ready for first restore test

Do not stop , go to your test enviroment patch hyper-v and DPM and Enjoy

Categories: 3PAR, Data Protection Manager, DPM, Hyper-V, Windows Server 2012 R2
Comments Off on Do not stop , go to your test enviroment patch hyper-v and DPM and Enjoy

So one of the news in UR3 to Data Protection Manager 2012 R2 is the Scalable VM Backup

This adds more scale to each DPM server ensuring backup of the VM on each host

http://support.microsoft.com/kb/2966014

Features that are implemented in this update rollup
  • Scalable VM backup
    This update rollup improves the reliability at scale for Virtual Machine (VM) backups on Hyper-V and Windows Server 2012 R2 infrastructures. This feature is supported on both Cluster Shared Volumes (CSV) and scale-out file server (SOFS) storage configurations for VMs.
    Prerequisites

 

Ensure April Update on Everything

image

So patch your test dpm servers and update the agents

image

Reboot is NEEDED even on 2012 R”

image

Sucess Smiley

 

image

You will need to run a consistency check of all VM’s

image

image

DPM issues a checkpoing before the CC

image

After checkpoint is complete we can create a recovery point

image

image

And we can see the snapshot being created and the deltas moved.

image

and on the plus side , no more errors on the VDS Basic Provider after the upgrade , and from the testing so far no issues with ODX enabled

PATCH TEST WAIT DEPLOY in PRODUCTION

Backup with ODX enabled on HP 3PAR with Data Protection Manager

Categories: 3PAR, Data Protection Manager, DPM, Hyper-V, Windows Server 2012 R2
Comments Off on Backup with ODX enabled on HP 3PAR with Data Protection Manager

 

So far we had a mixed experience with ODX and HP 3PAR  , backup was painfull with locked luns , moving vm around was even more painfull with data corruption

So until now we have disabled ODX on everything 3PAR related other arrays have issue with backup , and since its software the solution so far have been a mix between HP and Microsoft

This is “only” a issue when doing backup of a CSV volume standalone host havent been affected again back to the mix between HP and Microsoft

From what we seen so far

 

 

2012 R2 with April update and http://support.microsoft.com/kb/2966407 will fix

Assume that you install update 2919355 on a Windows 8.1-based or Windows Server 2012 R2-based computer. When you try to back up some Hyper-V virtual machines that reside on cluster shared volumes, you receive an error message that indicates the backup request has failed.
Here is a sample of the error messages that you may encounter when this issue occurs:

Error(s): vss_e_unexpected_provider_error
Csv writer is in failed state with unexpected error

 

On the 3PAR side we have upgraded to 3.1.3 and will apply some more patches tomorrow and continue testing

SCOPE

Windows Server 2012 or Windows Server 2012 R2 hosts with ODX in use with HP 3PAR StoreServ Storage running HP 3PAR OS version 3.1.2 GA, 3.1.2 MU1, 3.1.2 MU2, 3.1.2 EMU2, or 3.1.2 MU3.

RESOLUTION

Upgrade the HP 3PAR OS on the HP 3PAR StoreServ Storage to 3.1.2 MU2 or later if running a lower HP 3PAR OS version. Next apply the patch as follows:

  • For 3.1.2 MU2 and 3.1.2 EMU2, apply Patch 11 followed by Patch 36.

  • For 3.1.2 MU3, apply Patch 30.

 

image

So after Windows Patches and Upgraded 3PAR we can now backup mutiple VM (was 2 before) and move data around with ODX enabled.

What remains for the next week is to move VM around with storage migration to verify that the data corruptions also is history.