News
9/28/2011
03:50 PM
Connect Directly
RSS
E-Mail
50%
50%

Get VM Backups Right

Protect disk files and data to keep virtual machines humming.

Virtual machine backups encompass two data sources: the application data inside the VM and the disk files that make up the VM itself. You need to protect both to ensure that you can recover from a failure. This calls for a smart mixture of backup types to satisfy your data protection and recovery objectives as well as some unique considerations and techniques, including snapshots.

Freeze Frame

Backing up a VM while it runs and serves clients is accomplished, regardless of the hypervisor platform, via the creation of a VM snapshot. When a VM is snapshotted, the hypervisor stops writing to its existing disk file and creates a new disk file to write changes to. If the machine is live, it also saves the contents of running memory to a separate file. This allows the backup software to copy the snapshot while letting the VM continue operating. Snapshots are also useful because they serve as VMs copies that can be reused if the original backup effort fails. Snapshots can also be used to restore a VM to a known-good state if updates or changes to the VM cause a glitch.

While snapshots are useful, we can run into problems if we're not careful about management. For example, once an operation is successful, snapshots should be deleted because they gobble storage space. Yet time and again, I've seen administrators use snapshots as quasi-backups instead of how they're intended--as temporary safety nets. If enough snapshots accumulate on a production machine, the VM will run out of space and likely fail. Where there's very little data change, it may be OK to leave some snapshots in production, but be careful.

In addition, disk file backups do not take the place of guest-based backup software agents that run at the VM guest operating system level. These agents provide several advantages over disk file backups. The agents are selective: You have the option to take only the data that's changed or the data you want. Backing up the operating system over and over again doesn't do you any good if all you care about is the application data on the machine.

Best Practices

We recommend backing up the disk files of VMs once per week. Send these backups to a repository, such as a deduplicated SAN, that's also replicated to a secondary site. You can also back up VMs to a repository, such as autoloader, that you can physically move off site. Then, take daily guest-OS-level backups of application files and data. Store the daily backups on a mixture of disk, tape, or replicating storage; good backup products can easily accommodate all three.

A word about deduplication: This process can happen in several places. If your SAN supports deduplication, the dedupe software lives at the controller level and automatically deduplicates data as it passes. You can also use a dedicated deduplication appliance. Finally, some backup agents that sit on the deduplication target can provide source deduplication so that only new data gets backed up. In a disaster recovery scenario, you can simply restore the disk files to a freshly provisioned virtual host cluster and spin up new VMs, bringing you right back to where you were during the disk file backup. Or you can update data on the bare-metal images with a restore from the data-only backup.

Recovery accomplished.

Key Steps To Safeguarding Your VM Disk Files

Our full report on key steps to safeguarding your VM disk files is free with registration.

This report includes 14 pages of action-oriented analysis for IT. What you'll find:
  • How to protect data everywhere
  • How to build in resiliency
Get This And All Our Reports


Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6306
Published: 2014-08-22
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.

CVE-2014-0232
Published: 2014-08-22
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1)...

CVE-2014-3525
Published: 2014-08-22
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

CVE-2014-3563
Published: 2014-08-22
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVE-2014-3587
Published: 2014-08-22
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists bec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.