Delivering BaaS and DRaaS with Multi-Tenancy – BaaS Configuration

In our previous post, we took a look at NAKIVO Backup & Replication Multi-Tenancy configuration. The Multi-tenant configuration allows us to enable Backup-as-a-Service (BaaS) or DR-as-a-Service (DRaaS) functionality for multiple tenants/clients. Previously, we looked at the installation of the Multi-tenant mode of NAKIVO Backup & Replication including configuration requirements for the backup infrastructure as well as licensing. In this post, we want to focus in on the Backup-as-a-Service or BaaS functionality that is provided with the Multi-tenant configuration and the features and functionality that is served out to the tenants/clients in this configuration. As mentioned in the previous overview post looking at Multi-tenant configurations, the tenant backup services are completely isolated, so one tenant is isolated from seeing the backups of another tenant or any other details of the peer tenant environment. This means that our backups that are performed and backups we have available to be restored are containerized in a sense as its own environment.

Backups-as-a-Service (BaaS) Configuration

With Backup-as-a-Service or BaaS, we are able to provide, as a service, the ability to backup virtual resources whether they be VMware, AWS, or Hyper-V single node or cluster environments. The service level approach is very attractive to organizations in many senses. We can for instance, if using various areas of delegation in the enterprise, provide the ability as a service to backup virtual resources to a child organization or other business unit within the same organization if we are looking at delegating IT processes and procedures to those child or business units. This way we can preconfigure and enforce our configuration for backups since the Multi-tenant configuration provides a single pane of glass approach to managing VMware or Hyper-V backup resources and configurations.

Also, Managed Service Providers or MSPs can take advantage of the Backup-as-a-Service (BaaS) functionality to be able to offer clients the best backup solution for Hyper-V, VMware and other environments while managing it themselves. The MSP then provides the backup service solution to the organization so they have the ability to manage the process of backups themselves, while the actual infrastructure is managed by the MSP.

As was highlighted in the overview post, each tenant is able to have a separate configuration utilizing its own transporter(s) and backup repository. This way configurationally the tenants are isolated and autonomous. We are simply using the same Director to manage the different tenant installation configurations. When each tenant logs in, they are unable to see the peer configuration and are even unaware there are additional configurations present in the Director component. Each tenant effectively sees the normal NAKIVO Backup & Replication interface as it would be seen in a normal, non Multi-tenant configuration. To show what that looks like, let’s step through a VMware backup job that is being setup from the perspective of Tenant1 that is housed in a Multi-tenant configuration.

Notice below we are logging in as the tenant1admin user which is the user configured with access to the Tenant1 VMware environment.

BaaS Configuration

We see the VMware inventory and resources that are contained and configured within the Tenant1 environment. We pick the VM that we want to back up from the environment.

Tenant: Creating Backup Job

Next, we setup the destination of our backup job. Again, notice, we see the Tenant1 backup repository.

Tenant1 Backup Repository

We set a schedule as is normal in setting up the backup job.

Tenant Backup Job Schedule

Next, we setup our retention.

Setup Retention

Finally, we set up our final job options and either choose to Finish configuring the job or to Finish and Run the job.

Setup Final Job Options

Note, we see our new job that has been setup and if we have run the job already we see its outcome here as well. Notice, even though we have different jobs and environment setup for Tenant2, we do not see the jobs listed for Tenant2 here as an example that the environments are isolated and autonomous from one another.

New Job Listed

Recovery of a VM in Multi-Tenant Mode

Just as we can back up our resources in each tenant environment in an isolated fashion from the other tenants, we can restore them in this way as well. Each tenant sees their own available backup jobs that are available to recover.

Recovery of a VM in Multi-Tenant Mode

We select the Destination which only shows the destination VMware environment that is in the inventory of our tenant.

Destination VMware Environment

Finally, we can choose the options that we want to include with the recovery of the selected virtual machine backup that we are restoring.

Options to Include with Recovery


The Backup-as-a-Service functionality that is included with the NAKIVO Backup & Replication Multi-tenant configuration provides a powerful solution to provide VMware backup solutions as a service to either a business unit, child organization, or for various tenants managed by a Managed Service Provider. As shown by the walkthrough of both the backup process as well as the restore process, each tenant operates as an autonomous entity that only has visibility of their particular environment including inventory, transporters, and backup repositories. This ensures the security and serviceability of the tenants being managed by the NAKIVO Backup & Replication Multi-tenant solution. In our next post, we will take this a step further and look at the DR-as-a-Service functionality of NAKIVO Backup & Replication Multi-tenant solution.

Backup Solution for Hyper-V