Virtualizing Business Critical Applications: Data Protection

A major aspect of virtualizing any business critical application is data protection which encompasses not only backup, but disaster recovery, and business continuity. It is imperative that our data be protected. While this is true of all workloads, it becomes a bigger concern when virtualizing business critical applications. Not only do we need backups, but we need to protect the business, which is where business continuity comes into play.

But when we look at data protection within a virtual environment we often look at how the data is backed up at the virtual machine level. Or perhaps at just the virtual disk level. For business critical applications we need to look at the application we are protecting, not just the virtual disk. Why is this important?

Let us look at an Oracle SQL server used by SAP. Oracle contains all the data in memory and on disk, but if we just backup the virtual disk, that data may not yet be written to the disk. Yes, we can force a write of that data to disk, but we also need to let the application continue to use the database while we are making a backup. To solve this need Microsoft came up with volume shadow copy (VSS), and VMware has its disk snapshot mechanism. Either or both can be used, but we first need to ensure the application syncs it data to the disk before we use either technology. So this implies that all our virtual backup technologies used for business critical applications must also contain tools that communicate with the application to ensure that data is written to disk prior to any backup.

Data Protection for Business Critical Applications – Functionality

With out quiesce technologies we end up with a crash consistent copy of the data, which could imply the data is corrupt. This is to be avoided at all costs. Here is a break down of some of the current backup tools and what they support:

Product VSS Linux Quiesce Custom Quiesce Replication App Restore Network
Veeam Backup and Replication 0
Zerto 1 2
Symantec BackupExec 3 3
PhD Virtual
Quest vRangerPro/vReplicate 2
VMware SRM 2
Quantum 2

0 – Both Ready to Run VM + Application Specific Restore
1 – Based on VMware Tools
2 – Produces ready to run VM
3 - Requires Agents within VM for Application Restore

The key to any data protection mechanism is the ability to restore the data or in the case of replication use the data immediately. The ability to use the data immediately is crucial for business continuity as well as for testing of your disaster recovery and business continuity mechanisms. However, there is also a need to architect your virtual or cloud environments to support the ready to use virtual machine.

Architecture

In order to use ready to run VMs produced by replication, you need either a tool that will remap all IP addresses to the new location or design your networks so that the IP address is no longer a problem. In addition, you need to replicate data from like hypervisor to like hypervisor in most cases. For all those we listed above, this is the case. For replication, if you want to be hypervisor independent you either need to use in-VM agents or tools that convert virtual disk formats for you.

However, disaster recovery is another matter as restores from many of these tools can restore to any other hypervisor through a simple disk conversion process that is available for all hypervisors out there today but you need to have the tools handy to perform these restorations unless you are using in-VM restoration agents.

Networking and none-of the current crop of tools will backup network connectivity except for Zerto and it is limited to just the immediate network within a VMware vApp. However, for a VMware vCloud Tenant where everything is usually a vApp, this fits the bill quite well. Yet, all the network connectivity outside of the vCloud Tenant is not part of any replication target.

Closing Thoughts

When we virtualize business critical applications we need to consider data protection. We need to architect for business continuity, have the tools available to test and restore our virtual machines. But most importantly it is all about the data, so the tools we choose must contain integrations with our business critical applications, or means to create those integrations within the realm of the chosen tool. When your back is against the wall and it is time to recover from a disaster, or push the big red button to start your workloads at a hotsite, it should just work!

The current batch of data protection tools for virtualization integrate with most clouds as well, but which a cloud uses depends upon the cloud. Zerto, Quantum, and Veeam are leading the pack in cloud integrations. But without the proper virtual or cloud network architecture, those VMs may not be as ready to run as you would desire.

Which leads us to the last thought: always test your data protection. Veeam provides testing tools within their product and the networking work to setup Sure Backup is the same work you would need to run your workloads within another location.

Edward Haletky (351 Posts)

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

Connect with Edward Haletky:

Tags: , , , , , ,

4 Responses to Virtualizing Business Critical Applications: Data Protection

Leave a Reply

Your email address will not be published. Required fields are marked *

Please Share

Featured Solutions