News
9/28/2011
03:50 PM
50%
50%

Get VM Backups Right

Protect disk files and data to keep virtual machines humming.

Virtual machine backups encompass two data sources: the application data inside the VM and the disk files that make up the VM itself. You need to protect both to ensure that you can recover from a failure. This calls for a smart mixture of backup types to satisfy your data protection and recovery objectives as well as some unique considerations and techniques, including snapshots.

Freeze Frame

Backing up a VM while it runs and serves clients is accomplished, regardless of the hypervisor platform, via the creation of a VM snapshot. When a VM is snapshotted, the hypervisor stops writing to its existing disk file and creates a new disk file to write changes to. If the machine is live, it also saves the contents of running memory to a separate file. This allows the backup software to copy the snapshot while letting the VM continue operating. Snapshots are also useful because they serve as VMs copies that can be reused if the original backup effort fails. Snapshots can also be used to restore a VM to a known-good state if updates or changes to the VM cause a glitch.

While snapshots are useful, we can run into problems if we're not careful about management. For example, once an operation is successful, snapshots should be deleted because they gobble storage space. Yet time and again, I've seen administrators use snapshots as quasi-backups instead of how they're intended--as temporary safety nets. If enough snapshots accumulate on a production machine, the VM will run out of space and likely fail. Where there's very little data change, it may be OK to leave some snapshots in production, but be careful.

In addition, disk file backups do not take the place of guest-based backup software agents that run at the VM guest operating system level. These agents provide several advantages over disk file backups. The agents are selective: You have the option to take only the data that's changed or the data you want. Backing up the operating system over and over again doesn't do you any good if all you care about is the application data on the machine.

Best Practices

We recommend backing up the disk files of VMs once per week. Send these backups to a repository, such as a deduplicated SAN, that's also replicated to a secondary site. You can also back up VMs to a repository, such as autoloader, that you can physically move off site. Then, take daily guest-OS-level backups of application files and data. Store the daily backups on a mixture of disk, tape, or replicating storage; good backup products can easily accommodate all three.

A word about deduplication: This process can happen in several places. If your SAN supports deduplication, the dedupe software lives at the controller level and automatically deduplicates data as it passes. You can also use a dedicated deduplication appliance. Finally, some backup agents that sit on the deduplication target can provide source deduplication so that only new data gets backed up. In a disaster recovery scenario, you can simply restore the disk files to a freshly provisioned virtual host cluster and spin up new VMs, bringing you right back to where you were during the disk file backup. Or you can update data on the bare-metal images with a restore from the data-only backup.

Recovery accomplished.

Key Steps To Safeguarding Your VM Disk Files

Our full report on key steps to safeguarding your VM disk files is free with registration.

This report includes 14 pages of action-oriented analysis for IT. What you'll find:
  • How to protect data everywhere
  • How to build in resiliency
Get This And All Our Reports


Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0196
Published: 2015-06-29
CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

CVE-2015-0545
Published: 2015-06-29
EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVE-2015-1900
Published: 2015-06-29
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors.

CVE-2014-4768
Published: 2015-06-28
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.

CVE-2014-6198
Published: 2015-06-28
Cross-site request forgery (CSRF) vulnerability in IBM Security Network Protection 5.3 before 5.3.1 allows remote attackers to hijack the authentication of arbitrary users.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report