January 5, 2018
Choosing the Right Hyper-V Backup Strategy
Microsoft’s Hyper-V hypervisor has gained tremendous traction in enterprise datacenters lately, with many organizations now running their business-critical infrastructure on Hyper-V. With that being said, choosing the right Hyper-V backup strategy is key for making sure your Hyper-V data protection operations are effective. Additionally, it is essential to choose the right data protection product to carry out your Hyper-V backup. This post will go through some backup strategies you can implement to make sure you have an efficient and feasible Hyper-V data protection plan.
Use Host-level, Image-based Backups
If you need to back up production workloads in Hyper-V, you can take two approaches to backing up virtual machine resources. Backup agents that work within the guest operating system have been utilized since legacy backup solutions first started backing up virtual machines. To learn more about legacy backup solutions and their shortcomings when compared to modern backup software, you can download this free White Paper.
It is much better to use host-level, image-based backups of your virtual machines than backup agents. Why is this the best strategy? Let’s find out.
Host-level backups, from a management standpoint, provide a much more centralized approach to backing up virtual machines in a Hyper-V environment. Backup solutions that can interact directly with the Hyper-V host can pull backups of its virtual machines from the host level.
This allows you to create “image-level” backups. An image-level backup of the virtual machine from the Hyper-V host has the added advantage of capturing all the virtual hardware and its settings. This is important during the restore process, as the image-based backup is able to recreate the virtual machine in its entirety. You will not need to reconfigure it.
Since in-guest agents are unaware of the underlying hardware, they only capture the data, and not the virtual hardware settings. During a restore, one would have to recreate the virtual hardware, and then restore the data inside the virtual machine. This could prove to be problematic and time-consuming. The best strategy here is to use host-level, image-based Hyper-V backups, if possible. Back up your Hyper-V: download the full-featured Free Trial of NAKIVO Backup & Replication, install in under 1 minute, and ensure unprecedented protection of your virtual data.
Saved State vs. Child VM Snapshots
There are basically two methods for creating backups in Hyper-V environments – “Saved State” and “Child VM Snapshot”. Both of them leverage the Volume Shadow Copy Service (or VSS) – a technology that is included in Windows and allows taking both manual and automatic backup copies or snapshots of files or volumes, even if they are in use).
Saved state backups are generally referred to as offline backups. To take them, the Microsoft Hyper-V VSS Writer briefly puts a Hyper-V virtual machine into hibernation to create a stable image of the system, and then quickly returns this VM to its previous state. This process results in the virtual machine being unreachable for a few seconds, which is most likely undesirable. Additionally, saved state backups are not application-aware. This means that if you are using the “Saved State” method, backups of virtual machines running applications that require transactional consistency, such as databases, will not be backed up in a consistent state.
Child VM snapshots are also known as online backups and are preferable. The virtual machine remains accessible throughout the VSS operation. Furthermore, a Hyper-V backup that utilizes the “Child VM Snapshot” method can be application-aware, which means that database applications can be backed up while retaining transactional consistency. While more beneficial, this method has more stringent requirements, including installed and up-to-date Hyper-V Integration Services software, a consistent powered-on state, only basic (non-dynamic) disks running in the virtual machine, and a file system such as NTFS that supports snapshots.
Hyper-V Checkpoints Are Not Backups
Many have made the mistake of thinking that checkpoints/snapshots are a reliable form of backup. While Hyper-V checkpoints do allow rolling back to an earlier point in time, they are not to be viewed as backups. Why is this the case? Like VMware snapshots, checkpoints in Hyper-V rely on the underlying virtual infrastructure, including the base VHD or VHDX disks and any other checkpoint files in place. This means if any of that underlying virtual file structure becomes corrupted, the checkpoint may also be unusable. Backups should be autonomous from the virtual infrastructure they are backing up. Never rely on checkpoint files as a form of reliable backup. Checkpoints should only be used as a tool for quick rollbacks in the development process or other specific use cases. Learn more here.
Consider RTO and RPO in Your Hyper-V Backup Strategy
Any Hyper-V backup strategy formulated by your organization for data protection must take into account RTO and RPO. These are probably the two most frequently used acronyms related to backups and data protection plans. Understanding RTO and RPO is important in order to formulate your organization’s disaster recovery plan. Let’s briefly discuss RTO and RPO and how they relate to disaster recovery when formulating a Hyper-V backup strategy.
Your RTO, or Recovery Time Objective, is a very important metric when developing backup strategies. This is the target time you set for being able to recover from a DR event. The RTO you set for your backup/recovery strategy is, basically, the amount of time you can afford to have systems down and still have business operations functioning at an acceptable level. Download our free White Paper, “How to Calculate a Recovery Time Objective and Cut Downtime Costs”.
Your RPO or Recovery Point Objective is the amount of time that can pass between backup iterations – basically, how long ago your last restore point could have taken place. Thus, it represents the amount of data that you can afford to lose after a restore and still function at an acceptable level. Generally speaking, your RPO is a key factor in setting your backup schedule.
Always keep in mind that you must determine RTO and RPO values for your various VMs and design your data protection solution accordingly. Choosing the right Hyper-V backup strategy will require you to take both of these values into consideration.
Use Resilient Change Tracking
One of the most powerful new features in Windows Server 2016 is the addition of Resilient Change Tracking, or RCT. Many are familiar with changed block tracking (or CBT) in VMware environments. Resilient Change Tracking is Microsoft’s implementation of CBT. This allows backup jobs to copy only those blocks of data that have changed between backup iterations (after an initial full backup). This makes backup and replication much more efficient than copying the entire virtual machine with each backup or replication run. Before Windows Server 2016, data protection solutions had to use a proprietary filter driver to implement a form of changed block tracking. Now that RCT is a native part of Windows Server 2016, data protection solutions no longer need a proprietary method. This makes the backup process much quicker and more efficient than previous methods and implementations with Hyper-V. You will definitely want to take advantage of RCT with your Hyper-V backups. Please note that in order to implement RCT, in addition to Windows Server 2016, you need to have at least version 6.2 of virtual machine configuration in place.
Use Application-aware Backups
Most business-critical applications hosted by production Hyper-V workloads will involve a database that requires transactional consistency. Applications like Microsoft SQL Server and Microsoft Exchange are examples. If these database-driven applications are important for your organization, you will need to perform Hyper-V backups that are “application-aware”. These types of backups are able to flush transactional information from memory and commit any pending disk I/O operations before performing a VSS snapshot. This allows the application to be backed up in a consistent state, and no other steps need to take place when you restore the virtual machine for these applications to be usable and up-to-date. This helps reduce restore times as well as RTOs, so it is highly advisable when designing your Hyper-V data protection solution.
Reduce the Size of Your Hyper-V Backups
We have already discussed improving the efficiency of your backups by using the new Resilient Change Tracking feature in Windows Server 2016, which drastically reduces the size of backup iterations. You can further shrink your Hyper-V backups by making sure to skip unnecessary data such as swap files (or paging files). Swap files are used for temporary storage to augment system memory; they are of no use when restoring a virtual machine. Below, you can see the approximate total size of paging files of your system, and how much smaller your Hyper-V backups could get if you skip swap/paging files during the backup process.
Minimizing the size of your Hyper-V backups is a key part of a successful Hyper-V backup strategy. Therefore, it is also important to use a data protection solution that makes use of deduplication and compression when storing Hyper-V backups.
Utilize Backup Copies
If you want to ensure resilience in your Hyper-V backup strategy, you should never keep only one copy of your backup data. The best practice is to use the 3-2-1 backup rule, which states that you should have at least three copies of data, on two different mediums, of which at least one is off-site. Much like having a replica of production workloads, having a copy of your backup data allows you to store it in a secondary location, so that if the primary backup repository is lost because of an issue that affects the entire site, you still have another copy available. In today’s world of cheap public cloud storage, you have many options available for storing copies of backup data. Using the public cloud for backup copies allows your organization to be flexible and agile, and easily spread data storage across different geographic regions to maximize resiliency.
Having backup copies as part of your overall data protection solution is an important consideration when evaluating your Hyper-V backup strategy.
Encrypt Your Hyper-V Backups
Make sure you secure your backup data. All too often, backup data is forgotten when it comes to an overall data security strategy for organizations. When thinking about securing backup data, you will want to encrypt backup data both “in flight” and “at rest”. This secures data when it is moving across the network as well as when it is sitting in a disk or backup repository. Any successful Hyper-V backup strategy should include encrypted backups as part of the overall solution.
Verify Your Hyper-V Backups
It is crucial to verify your Hyper-V backups; backups are only as good as their ability to be restored. Many have found themselves in an unfortunate position during a true DR scenario when it turned out that the backup data was unexpectedly corrupted, or that their system was not backing up what they assumed it had been backing up. Be sure to include in your Hyper-V backup strategy a means of verifying your backups to ensure any issues that may exist will be found beforehand, and not during a disaster recovery scenario. The easiest way to verify your backups is to choose a data protection solution that includes a built-in, automated backup verification mechanism. Manually verifying backups is extremely difficult and labor-intensive, and often leads to incomplete or unreliable verification jobs.
Use NAS-based VM Backup Appliance for Enhanced Protection of Your Data
Using a NAS-based VM backup appliance as a target for your Hyper-V backups provides resiliency, up to 2X faster backup speeds, and cost savings. Having a hardware-based NAS backup appliance guarantees no reliance on any part of the existing virtual infrastructure to be able to restore data. If part of the backup infrastructure exists in, or is reliant on, the virtual infrastructure itself, there will be serious issues, if the virtual infrastructure becomes unavailable due to hardware failure or other circumstances. By installing modern software directly onto a NAS-based appliance, backups can be written directly to NAS disks, bypassing the overhead of network protocols, such as NFS and CIFS. This significantly reduces overhead induced by network protocols or any network latency with competing traffic.
Automate Your Hyper-V Backups
Automation is important for today’s organizations to be able to meet the growing demands for “always-on” infrastructure. Automating routine processes frees up your IT staff, allowing them to handle new tasks that require their attention. Data protection operations are no exception, and can certainly benefit from automated tasks and processes. Making sure the key backup and replication processes are performed in an automated fashion removes the risk of human error and makes for efficient, agile operations. When choosing a data protection solution, make sure it contains APIs that allow for automation of backup, replication and copy jobs. It’s even better if there is an automated backup verification tool. This will go a long way to providing you with a powerful, streamlined, and efficient Hyper-V backup strategy. Download the latest Free Edition of NAKIVO Backup & Replication, the #1 solution for Hyper-V backup.
Choosing the right Hyper-V Backup strategy is essential, if you want an effective, efficient, resilient, and robust data protection solution for Hyper-V environments. Carefully considering the several key components outlined in this article will help you ensure a successful data protection plan. You should choose a data protection solution that will enable you to meet your goals. Modern data protection solutions, such as NAKIVO Backup & Replication, can satisfy all the demands of a solid Hyper-V backup strategy, and also allow you to protect multi-hypervisor environments, which is useful in today’s hybrid cloud infrastructure.