When you engineer a software solution, the ability to recover data is crucial throughout the solution's entire life cycle of design, development, test, and production. This is important in on-premise cloud environments, but it is even more important in public cloud environments where service level agreements generally aren't as well defined as those you encounter in traditional in-house or hosted deployments.
We'll show you the capabilities provided by the IBM® SmartCloud Enterprise environment that can be used to provide various levels of data recovery of IBM Cloud resources. In addition, we'll help you explore other services and techniques that you may want to consider while deploying data in the cloud.
First, let's review some basics of the IBM Cloud.
Some of the data recovery basics you need to know to appreciate this article include:
- The difference between an instance and an image.
- What ephemeral storage is. What persistent storage is. What object storage is.
- How provisioning and association work.
- How to use storage.
- What backup types there are.
In IBM SmartCloud Enterprise, an instance is a running virtual machine based upon an image. Associated with the instance are the configuration components of virtual CPUs, memory, and local (ephemeral) storage. The local storage of an instance includes the operating system, software applications, data, and configurations added to the instance.
An image is a saved representation of a previously running instance. The image is based upon a stopped version of the instance and should not be confused with a snapshot which is a copy of a running instance including its in-memory state.
Let's understand the different types of storage available on the IBM SmartCloud Enterprise. On the IBM Cloud, three types of storage exist:
- Ephemeral storage is the storage embedded in the virtual machine. Its life cycle is linked to the virtual machine. When you delete the virtual machine, the ephemeral storage is deleted and thus the data stored on that storage will be deleted.
- Persistent storage is a storage that you can order and attach to an instance during the instance-creation process. Its life cycle is not linked to the virtual machine. You can delete your virtual machine and the persistent storage will not be deleted, thus you can reattach the storage to a new virtual machine and access your data again.
- Object storage is a storage option that you can order via the SmartCloud Enterprise Additional Services Order Form. Object storage is a web based storage option that you connect to over the internet via Web API or CloudNAS. Its life cycle is not linked to the virtual machine. You can delete your virtual machine and the object storage data will not be deleted. You simply reconnect to object storage from a new virtual machine to access your data again.
The following table illustrates the data life cycle of the two types of storage and the actions taken on a related instance and the storage device.
Data life cycle of storage types
|Reboot instance||Delete instance||Delete storage|
|Ephemeral storage||Data is kept||Data is lost||Not applicable|
|Persistent storage||Data is kept||Data is kept||Data is lost|
|Object storage||Data is kept||Data is kept||Data is lost|
Currently, a maximum of three persistent storage units can be associated to a given instance, as shown in Figure 1. One of these can be attached at the time the instance is provisioned. Up to three can be attached dynamically (only two if one is attached at provisioning time). Persistent storage units that are attached dynamically can be detached from instance dynamically as well. The ability to dynamically attach or detach a persistent storage unit is only available through the SCE Application Programming Interfaces (APIs) and not the SCE Portal.
Figure 1. Up to 3 persistent storage units per instance
It is also important to understand that persistent storage cannot be attached concurrently to multiple instances. Since persistent storage is a block device, locking is controlled by the host it is assigned to.
Figure 2. Only one virtual machine at a time can be attached to and mount a persistent storage block
The provisioning or creation of persistent storage can be done either through the portal interface or the IBM Cloud APIs. The time needed to provision a storage unit varies by the size of the storage being requested, the type, and current activity of that particular cloud environment (or, the data center).
Raw persistent storage types take less time to provision due to the nature of how the storage actually consumes sectors on the back-end systems. Since there is no underlying file system or data on the presented storage, it takes mere seconds to allocate on the back-end storage subsystems.
Persistent storage can only be de-provisioned if it is not attached to an instance. As described earlier, if the storage unit was dynamically attached to the instance it can be dynamically detached as well. If the storage unit was attached at instance provisioning time, the instance will need to be de-provisioned prior to the de-provisioning of the storage unit.
Object storage requires no storage commitment; it is a completely elastic storage feature that can be used by multiple SmartCloud Enterprise instances. Object storage allows you to create an unlimited amount of application names to segregate your data. Application names can be thought of as storage pools in a traditional storage sense. In addition to the creation of each application name you have the ability to create as many associated child access accounts as necessary.
Figure 3. One instance connected to an allocated object storage application, using an associated child account
Figure 4. Two instances connected to an allocated object storage application, using two separate child accounts
It is important to understand that object storage does not have file locking capabilities that are native to the solution. Each child account created under each application name has its own unique directory for storage consumption. In figure 4 above, although using the same application name, child account 1 cannot see child account 2’s data. Attempting to connect two instances to the same application with the same child account credentials will result in data synchronization issues and in almost all cases will result in data corruption.
Figure 5. Only one virtual machine can attach to allocated object storage application using an associated child account
Currently, persistent storage blocks are limited to a 10TB maximum size and a single persistent storage unit can only be attached to one virtual instance at a time. It is possible for a virtual instance to share persistent storage using file sharing technologies like NFS/GPFS and SAMBA.
By using a solution like this, it is possible to overcome these limitations. Multiple file servers could be provisioned in the cloud, each with 10TB of persistent storage. Likewise, each file server could NFS export the persistent storage to other servers to overcome limitation of a persistent storage only being able to be mounted directly by one instance.
Figure 6. Network sharing of persistent storage between instances
As stated earlier in this article, object storage can be accessed by many VM instances with no minimum usage commitment. You can begin consuming object storage by coding to the API or through an application called CloudNAS. Let's take a look at each of these access methods.
Developing applications on object storage with web-based REST API
SmartCloud Enterprise object storage can be managed and accessed entirely using a RESTful web service. The API allows you to log into your account, upload and download files, create child accounts and monitor usage. This makes it possible to interface to object storage from a variety of applications, or client front ends using a common, easy-to-use interface. The Developer API Reference documentation is more than just an API reference; it provides a comprehensive guide to using the web-based API. This document is available in the SCE Asset Catalog after logging in.
Using object storage with CloudNAS
The CloudNAS software allows you to access storage locally as if you were accessing a local drive on a Windows-based server, or a local mount point on a Linux server. When using CloudNAS it is important to understand that one, and only one, instance can have CloudNAS running with a particular application name/child account as Figure 5 above illustrates. When there is a requirement to share data among instances or for collaboration efforts it is possible for a virtual instance to share object storage using file sharing technologies like CIFS.
Figure 7. Network sharing of object storage between instances
IBM SmartCloud Enterprise offers its clients the ability to deploy a VPN between their customer premise and the SCE environment. With this configuration a single private virtual local area network (VLAN) is also provisioned for the client account. The VLAN provides a layer of network isolation for the instances that are provisioned behind it. Customers who deploy instances on this VLAN and also need to consume object storage need to establish an instance to act as a gateway for object storage inbound and outbound traffic. To do that, provision an instance that has both a public internet facing VLAN and a private facing VLAN.
When you provision instances that are used to span both the public and private VLAN it is strongly recommended to configure firewalls to secure your deployment within IBM SmartCloud Enterprise environment.
The ability for an instance to span between the public and private VLAN was introduced in IBM SmartCloud Enterprise Release 1.4. For more information about this capability, refer to the article, IBM SmartCloud Enterprise tip: Span virtual local area networks.
Figure 8. Network sharing of object storage between instances within a VLAN
There are two types of backups:
- Online backups: Made on the fly so there is no need to stop the application to create a coherent backup.
- Offline backups: Much simpler to implement, requires that the application is stopped to create a backup.
Important: It is the responsibility of the IBM Cloud consumer to implement their own backup solution. The IBM Cloud platform provides different types of native functionality which can help with the implementation of a backup solution.
IBM SmartCloud Enterprise offers functionality to take offline backup of the data located in the instance (ephemeral storage) or data located on the persistent storage. Let's first visit the instance backup capability and then the persistent storage backup capability.
IBM SmartCloud Enterprise provides the ability to create an image of an instance. This is a means to preserve a customized instance in a given state at a given point in time. The benefit of image capture is that the customer can make changes (like add users, set policies, install software, configure software) to his instance and then save it as an image. The image can then be used to provision new instances and have all the customer's changes and customizations preserved.
The related anti-colocation feature introduced in release 1.4 of IBM SmartCloud Enterprise can be leveraged to create a backup or redundant virtual machine. A clone of a virtual machine can be instantiated in a way that guarantees that it is on a separate physical node from another. You would backup a virtual machine, provision an instance from that image, and then, using anti-colocation, provision a second instance on a different physical node. With this done, if one virtual machine or node encounters problems, it does not impact the other instance.
Capturing an image
There two options to capture an image on the IBM Cloud platform:
- Through the portal
- Through the API
Note: The IBM Cloud image-capture process will temporarily stop the running instance being captured. The image is a representation of the stopped instance and not a running instance. This is not a "snapshot" of the instance.
To capture an image from the portal:
- From the portal, click the Control panel tab and
select the Instances sub-tab.
Figure 9. Instances sub-tab
- Select your instance and click Create private image.
Figure 10. Configure private image
- Provide a name and description and click Submit. The image is created and stored in your private catalog. Don't forget that during the capturing process, your instance is stopped and restarted.
To capture an image from the command line API:
- Let's look at the command line APIs and use the
Figure 11. ic-save-instance command line
- Run the
Figure 12. ic-save-instance command results
A new image is generated in your private catalog. The image contains all of the data stored in the ephemeral storage.
The same operation can be done through the Java or RESTful API.
Provisioning a private image
You can list all your private images from the portal and, of course, re-provision one of those.
- Go in the Control panel of the portal and select the Instance sub-tab.
- Click the Add instance button.
- The Add instance window opens. Select the private catalog, My Images and the data center where your image resides.
Figure 13. Provisioning a private image
You can continue the provisioning process in the same manner you do for any other image.
IBM SmartCloud Enterprise provides the capability to clone persistent storage — in short, this is the ability to copy the contents of one persistent storage block to a new persistent storage block. The following aspects of the persistent storage cloning capability should be noted:
- The storage unit to be cloned must be in the Non-Attached state.
- Cloning can only be done within a data center.
- The new storage unit created by the cloning process will be the same size as the original (cloned) storage unit.
You can create a clone of your persistent storage either from the IBM Cloud portal or through the API.
To create a clone from the portal:
- From the Control panel tab, select the Storage sub-tab. A
list of your existing storage is displayed.
Figure 14. List of existing storage
- Select the storage you want to clone and click Clone Storage. Provide a name for your storage and submit.
Figure 15. Configure clone storage
To create a clone from the API:
The command line API provides the
ic-clone-volume command. This action can also be performed by using the RESTFul or Java APIs.
Figure 16. ic-clone-volume command
Provide the required parameters to the command line interface.
Figure 17. ic-clone-volume command results
The portal displays the status.
Figure 18. You've successfully cloned persistent storage
IBM SmartCloud Enterprise object storage allows you to take advantage of multiple storage nodes. A node is where a single copy of your objects are stored. You decide how many copies of your objects you want to maintain when you sign up for object storage through the Additional Services Order Form and select the nodes where you want a copy of your objects to reside. This gives you the ability to define a data protection policy that meets your business needs. The default policy is set at the storage pool level when your object storage account is established. Policies cannot be changed by the customer directly. To make adjustments to your data protection policy or add/remove a location, you must submit a new Additional Services Order Form.
For customers with a multiple node data protection policy, the data is replicated asynchronously to all these nodes after the object has been successfully uploaded to the closest node within the customer's policy.
Note: Until the replication is complete, all read or write requests are serviced from the nodes where a complete copy resides.
If you wish to modify the node(s) included in the data protection policy, you must submit a request to customer support.
Note: You only need to complete a new Additional Services Order Form if you are adding or removing nodes sites from your data protection policy.
Many backup and recovery solutions exist, both as services and standalone products. IBM SmartCloud Enterprise does not prevent you from using these types of solutions.
In addition to making sure the solution you choose meets your functional and non-functional requirements, make sure it supports the operating systems you use on your IBM Cloud instances and that any license terms are met.
Note that when a persistent storage unit is attached to an active instance, its data is accessible to applications just like local or ephemeral storage. Any backup software or service can access this as it would any other data on the running instance. There is no means to access an unattached persistent storage unit other than the method we described, that of cloning a persistent storage unit using the IBM Cloud capability.
Here are a few solutions you might want to consider for alternative backup/restore abilities:
- The IBM
Business Continuity and Resiliency Service (BCRS) can help you ensure the
continuity of your business operations and assist with regulatory compliance, improved
systems availability, data protection, and the integration of IT operational risk
management strategies. It offers, via an agent installed in an instance, the ability
to remotely backup your instance to an IBM Data Center through Remote Data Protection.
- Other third-party products such as:
- IBM Tivoli® Storage Manager can be used to copy data from an instance to another location.
- Asigra Cloud Backup software has been validated to run on IBM Smartcloud. Asigra provides backup and recovery on Smartcloud with comprehensive platform support including Windows and Linux operating systems, application consistent backup for databases and enterprise applications such as DB2, Oracle, MS SQL Server, Lotus, MS Exchange, MS Sharepoint, and other key applications.
- Home-grown or customer-developed solutions can also be utilized along with the basic
capabilities provided by the instance operating systems. These can include solutions using copy commands like
rsyncthat allow you to copy data from one location to another (local storage to persistent storage) and one instance to another.
- For object storage, there are third-party gateway products that provide snapshot capabilities and enable user-managed file recovery capabilities. For example, Twinstrata CloudArray, now available on the IBM Cloud, provides cloud storage and data protection technology that's easy to use.
Depending on the solution you choose, it might backup the data either within the IBM Cloud environment or externally to some other server or service. Be aware that if the solution copies the data externally over the network connection of the instance, data transfer charges apply.
Databases can pose unique requirements for backup and restore solutions. In most cases, the database system itself will provide one or more backup and restore mechanisms as part of the product. You might also find third-party tools that provide backup and restore capabilities for databases as well.
Database backup and restore solutions may provide both online (database can remain active) and offline (database must be inactive) backup capabilities, each of which provides benefits and drawbacks. In most cases, both solutions should work just fine in a cloud environment; however, you should consult your database administrator to make sure that choices made at database creation time do not cause any issues with the backup and restore solution utilized. For example, the database administrator may have opted to utilize persistent storage for the database log files and local/ephemeral storage for the actual data tables. Since these two storage systems have different performance characteristics, there might be an impact on the backup and restore solution. Additionally, it might be possible to create a customer backup and restore solution using the IBM Cloud abilities of cloning a persistent storage unit that can provide additional benefits.
This article introduced you to the basics of the backup and data recovery capabilities of IBM SmartCloud Enterprise. We've provided information to start learning and discovering the many ways, internally and externally, you can backup and recover data when working with instances and images in the IBM Cloud.
For more on how to perform tasks in the IBM Cloud, visit these resources:
- Up and download files from a Windows instance.
- Install IIS web server on Windows 2008 R2.
- Create an IBM Cloud instance with the Linux command line.
- Create an IBM Cloud instance with the Windows command line.
- Extend your corporate network with the IBM Cloud.
- High availability apps in the IBM Cloud.
- Parameterize cloud images for custom instances on the fly.
- Windows-targeted approaches to IBM Cloud provisioning.
- Deploy products using rapid deployment service.
- Integrate your authentication policy using a proxy.
- Configure the Linux Logical Volume Manager.
- Deploy a complex topology using a deployment utility tool.
- Provision and configure an instance that spans a public and private VLAN.
- Secure IBM Cloud access for Android devices.
In the developerWorks cloud developer resources, discover and share knowledge and experience of application and services developers building their projects for cloud deployment.
Find out how to access IBM SmartCloud Enterprise.
Get products and technologies
See the product images available for IBM SmartCloud Enterprise.
Join a cloud computing group on developerWorks.
Read all the great cloud blogs on developerWorks.
Join the developerWorks community, a professional network and unified set of community tools for connecting, sharing, and collaborating.
Mitchell DeKeyrel is a Technical Solution Architect with over 13 years of experience at IBM; in the past he spent 5 years focused on Infrastructure and Systems management in large lab environments as well as production data centers. He was the Chief Application Architect for the IBM CIO Enterprise Content Management Solution and spent 7 years working for the IBM CIO office. He worked across the business to understand and interpret end user requirements and setting the roadmap for ECM application changes based on industry trends. Mitchell worked with subject matter experts across the ECM space to identify integration opportunities with other strategic applications and IBM products. Currently Mitchell is working in Cloud Service Enablement for the GTS division of IBM.
Andrew R. Jones is a Senior Solution Architect with over 22 years of experience at IBM. For the past 16 years, he has focused on customer and business partner enablement of IBM middleware solutions in cloud computing, telecommunications, wireless technologies, and network computers. Andrew is an IBM Master Inventor and Certified IT Architect.
Ryan Sumner has been an infrastructure and application specialist with IBM for over 13 years, applying his real-world customer experience with operating systems, middleware, servers, and storage to help customers, business partners, and IBMers plan, build, and run reliable hosted solutions on the IBM Cloud. Ryan is currently a Cloud Deployment Leader in IBM Global Technology Services.
In recent years, Dominique Vernier focused on Java technologies and cloud architecture. He also has been working in information technology for quite a while where he earned a broad knowledge in such technologies and products as messaging, database, SOA, EAI, client/server, C/C++, and existing frameworks. Dominique also has extensive knowledge in industry areas such as telecom, CRM, logistics, and insurance. He is the author/co-author of four patents having to do with state engines and resource management. At present, Dominique is in charge of the IBM SmartCloud Enterprise solutions on the IBM GTS Global Team.
George Contino is an Advisory Architect with over 9 years of IT and Project Management experience. For the past 4 years he has focused on the customer and business partner enablement of IBM storage cloud solutions. Currently George is part of the Cloud Managed Services Enablement and Deployment team, which is part of the GTS division of IBM.