Monday, 26 October 2015 00:00

Microsoft private cloud backup challenges

Rate this item
(0 votes)

There are two major challenges that must be addressed when backing up a Microsoft private cloud: figuring out what needs protection and backing up virtual machines.

One of the big trends in IT is the move from relatively simple virtual server environments to private or hybrid clouds. As organizations contemplate such a transition, they must consider how a private cloud implementation will impact their backup process.

A Microsoft private cloud is built from the same basic components as a typical Hyper-V deployment: Hyper-V servers, System Center Virtual Machine Manager (SCVMM), and one or more Cluster Shared Volumes. If your organization uses Microsoft Hyper-V, you probably know how to back up these components.

When it comes to backing up a Microsoft private cloud environment, there are two challenges that must be addressed:

  • Ensuring everything necessary to rebuild the private cloud in the event of a failure is backed up.
  • The ability to back up virtual machines (VMs) residing on inaccessible virtual network segments.
  • What components require protection?

    Every private cloud is different, so each organization's backup requirements will also vary. As a general rule, backing up a Microsoft private cloud environment requires backing up the Azure Pack server, all Hyper-V servers, and SCVMM and its underlying database.

    Azure Pack is a Web application that provides tenant and administrative access to the private cloud environment. A server running Azure Pack requires IIS, the Virtual Machine Manager console, the Service Provider Foundation (part of System Center Orchestrator) and a few other miscellaneous components (such as the .NET Framework). Azure Pack also uses a SQL Server database of its own that will need to be backed up.

    As you prepare to back up a Microsoft private cloud environment, it is extremely important to include Active Directory. Microsoft private clouds require several different service accounts to function. These service accounts exist within the Active Directory database.

    Backing up virtual machines

    When backing up private cloud environments, a critical factor is tenant isolation. Private cloud environments generally provide self-service VM creation and management capabilities to authorized users. Such users are able to use the Azure Pack Tenant portal to build VMs from predefined templates. Once a VM has been created, users can configure and use it as they see fit.

    Because users can do almost anything with the VMs they own, a private cloud environment must enforce tenant isolation. In doing so, the private cloud places each tenant's virtual machines onto a separate, isolated network segment. This isolation prevents any tenant from accessing (or even seeing) another tenant's VMs.

    To put this concept into perspective, consider the way that public clouds such as Microsoft Azure or Amazon Web Services work. Public cloud providers have a number of different customers, each of whom creates their own VMs. A public cloud provider puts isolation boundaries into place to preserve each customer's security and privacy. These same boundaries also prevent the underlying cloud infrastructure from being exposed to customers. Microsoft private cloud environments use these same sorts of controls to provide tenant isolation.

    So how can a backup administrator back up VMs that exist on a completely isolated network segment? There are two approaches that can be used.

  • Back up each Hyper-V server at the host level. This will cause all the VMs to be backed up. The virtual networks, tenants and permissions are configured through SCVMM and stored in an SQL Server database, so these components will also need to be backed up.
  • Perform a guest-level backup of VMs. Guest-level backups are generally discouraged in cloud-scale environments because they can be labor-intensive. Even so, there may be some situations in which host-level backups of specific VMs are problematic.
  • If you need to perform a guest-level backup of a tenant VM, you will have to do more than just install a backup agent into the virtual machine. Remember, virtual network isolation makes the VM invisible to the backup server. The solution is to handle the backup as if you were backing up a VM from across the Internet. In most cases, tenant VMs can access the Internet. As such, you may be able to set up a logical VPN connection that allows the backup server to communicate with VMs on an isolated network segment. Care must be taken to implement firewall rules that prevent anything other than backup traffic from passing across this link.

    Backing up a Microsoft private cloud is not overly difficult, although guest-level VM backups can be challenging. As a best practice, you should avoid guest-level backups of tenant VMs unless absolutely necessary.

    Reference: http://searchdatabackup.techtarget.com/tip/Microsoft-private-cloud-backup-challenges

    Last modified on Monday, 26 October 2015 15:19
    Data Recovery Expert

    Viktor S., Ph.D. (Electrical/Computer Engineering), was hired by DataRecoup, the international data recovery corporation, in 2012. Promoted to Engineering Senior Manager in 2010 and then to his current position, as C.I.O. of DataRecoup, in 2014. Responsible for the management of critical, high-priority RAID data recovery cases and the application of his expert, comprehensive knowledge in database data retrieval. He is also responsible for planning and implementing SEO/SEM and other internet-based marketing strategies. Currently, Viktor S., Ph.D., is focusing on the further development and expansion of DataRecoup’s major internet marketing campaign for their already successful proprietary software application “Data Recovery for Windows” (an application which he developed).

    9 comments

    • Comment Link Kourtney Monday, 23 October 2017 13:52 posted by Kourtney

      Article writing is also a fun, if you know after that you can write otherwise it is complicated to
      write.

    • Comment Link Vance Sunday, 22 October 2017 21:49 posted by Vance

      Having read this I believed it was extremely enlightening.
      I appreciate you spending some time and energy to put this short article together.
      I once again find myself spending a lot of time both reading and leaving comments.
      But so what, it was still worth it!

    • Comment Link Isabella Saturday, 21 October 2017 18:42 posted by Isabella

      Way cool! Some very valid points! I appreciate you
      writing this article and the rest of the website is very
      good.

    • Comment Link Francesco Saturday, 21 October 2017 17:44 posted by Francesco

      Thank you for sharing your info. I really appreciate your efforts and I am waiting for your further write ups thanks once again.

    • Comment Link Sam Friday, 20 October 2017 00:36 posted by Sam

      Hey There. I found your blog using msn. This is an extremely well written article.
      I will make sure to bookmark it and come back
      to read more of your useful information. Thanks for the post.

      I will certainly return.

    • Comment Link Carole Monday, 16 October 2017 05:46 posted by Carole

      Hey There. I found your blog using msn. This is a very well written article.
      I'll make sure to bookmark it and return to read more of
      your useful information. Thanks for the post. I'll definitely comeback.

    • Comment Link Rene Saturday, 07 October 2017 14:18 posted by Rene

      Oh my goodness! Incredible article dude! Many thanks, However I am encountering
      difficulties with your RSS. I don't understand the
      reason why I can't subscribe to it. Is there anyone else getting identical RSS problems?

      Anybody who knows the solution can you kindly respond?
      Thanx!!

    • Comment Link Fidelia Saturday, 30 September 2017 15:04 posted by Fidelia

      Howdy just wanted to give you a quick heads up. The text in your post seem to be running off the screen in Opera.
      I'm not sure if this is a formatting issue or something to do with
      internet browser compatibility but I figured I'd
      post to let you know. The design look great though! Hope
      you get the issue fixed soon. Thanks

    • Comment Link Antonietta Thursday, 28 September 2017 17:33 posted by Antonietta

      Very nice post. I just stumbled upon your blog and wished to say that I have really enjoyed surfing around your blog posts.

      After all I'll be subscribing to your feed and I hope you write again soon!

    Leave a comment

    Make sure you enter the (*) required information where indicated. HTML code is not allowed.