Backing up VMware data

Use the search function to search for available resources and toggle the displayed resources by using the View filter. Available options are VMs and Templates, VMs, Datastore, Tags and Categories, and Hosts and Clusters. Tags are applied in vSphere, and allow a user to assign metadata to VMs.

The job will run as defined by the SLA policies that you selected. To run the job immediately, click Jobs and Operations > Schedule. Select the job and click Actions > Start.

When the job definition is saved, available virtual machine disks (VMDKs) in a VM are discovered and are shown when VMs and Templates is selected in the View filter. By default, these VMDKs are assigned to the same SLA policy as the VM. If you want a more granular backup operation, you can exclude individual VMDKs from the SLA policy. For instructions, see Excluding VMDKs from the SLA policy for a job.

In the Backup Options section, set the following job definition options:

Skip Read-only datastores

Skip datastores that are mounted as read-only.

Skip temporary datastores mounted for Instant Access

Exclude temporary Instant Access datastores from the backup job definition.

VADP Proxy

Select a VADP proxy to balance the load.

Priority

Set the backup priority of the selected resource. Resources with a higher priority setting are backed up first in the job. Click the resource that you want to prioritize in the VMware Backup section, and then set the backup priority in the Priority field. Set 1 for the highest priority resource or 10 for the lowest. If a priority value is not set, a priority of 5 is set by default.

In the Snapshot Options section, set the following job definition options:

Make VM snapshot application/file system consistent

Enable this option to turn on application or file system consistency for the VM snapshot. All VSS-compliant applications such as Microsoft™ Active Directory, Microsoft Exchange, Microsoft SharePoint, Microsoft SQL, and the system state are quiesced. VMDKs and VMs can be instantly mounted to restore data that is related to quiesced applications.

VM Snapshot retry attempts

Set the number of times that IBM Storage Protect Plus attempts to capture an application or file-consistent snapshot of a VM before the job is canceled. If the Fall back to unquiesced snapshot if quiesced snapshot fails option is enabled, an unquiesced snapshot will be taken after the retry attempts.

Fall back to unquiesced snapshot if quiesced snapshot fails

Enable to fall back to a non-application or non-file-system consistent snapshot if the application consistent snapshot fails. Selecting this option ensures that an unquiesced snapshot is taken if environmental issues prohibit the capture of an application or file-system consistent snapshot.

In the Agent Options section, set the following job definition options:

Truncate SQL logs

To truncate application logs for SQL Server databases that are on the VM during the backup job, enable the Truncate SQL logs option.

Restriction: It is possible that the same databases that are on a VM might be backed up as part of a VM backup job and a SQL Server backup job. Do not select this option if you want to back up the database transaction logs during the SQL Server backup operation. The log truncation deletes all inactive logs from the log file. The deleted log sequence causes discontinuity in the log backup.

For more information about backing up SQL Server database logs, see Log backups.

The credentials must be established for the associated VM by using the Guest OS user name and Guest OS Password option within the backup job definition. When the VM is attached to a domain, the user identity follows the default domain\name format. If the user is a local administrator, the format local_administrator is used.

The user identity must have local administrator privileges. On the SQL Server server, the system login credential must have the following permissions:

• SQL Server sysadmin permissions must be enabled.
• The Log on as a service right must be set. For more information about this right, see Add the Log on as a service Right to an Account.

IBM Storage Protect Plus generates log files for the log truncation function and copies them to the following location on the IBM Storage Protect appliance:

/data/log/guestdeployer/latest_date/latest_entry/vm_name

where latest_date is the date that the backup job and log truncation occurred, latest_entry is the universally unique identifier (UUID) for the job, and vm_name is the host name or IP address of the VM where the log truncation occurred.

Restriction: File indexing and file restore are not supported from restore points that were copied to cloud resources or repository servers.

Catalog file metadata

Turn on file indexing for the associated snapshot. When file indexing is completed, individual files can be restored by using the File Restore pane in IBM Storage Protect Plus. Credentials must be established for the associated VM by using an SSH key, or the Guest OS Username and Guest OS Password options within the backup job definition. Ensure that the VM can be accessed from the IBM Storage Protect Plus appliance either by using DNS or a host name.

Restriction: SSH Keys are not a valid authorization mechanism for Windows platforms.

Run as system user

Run the file indexing as the system user. This allows the file indexing to be run at the highest privilege level on the client virtual machine. Catalog file metadata must be enabled to use this option.

Exclude Files

Enter directories to skip during file indexing. Files within these directories are not added to the IBM Storage Protect Plus catalog and are not available for file recovery. Directories can be excluded through an exact match or with wildcard asterisks specified before the pattern (*test) or after the pattern (test*). Multiple asterisk wildcards are also supported in a single pattern. Patterns support standard alphanumeric characters as well as the following special characters: - _ and *. Separate multiple filters with a semicolon. Catalog file metadata must be enabled to use this option.

Get SSL certificate thumbprint or Get SSH key

Verify the identity of the VM being backed up. Catalog file metadata must be enabled to use this option.

For Windows-based virtual machines:

Obtain the certificate thumbprint and verify that the certificate thumbprint matches the thumbprint of the certificate on the host. Click Get SSL certificate thumbprint.

Get SSL certificate thumbprint

Get the SSL certificate thumbprint for the Windows-based host. You must complete this step when registering servers for the first time or if the certificate on the server changes.

The HTTPS listener must be enabled on the host. You must create a self-signed certificate and then enable the HTTPS listener if it is not already enabled. For more information, see How to configure WinRm for HTTPS.

When upgrading to IBM Storage Protect Plus 10.1.9, systems that are already registered in the previous version are set to trust on first use (TOFU) and the certificate thumbprint will automatically be added to the registration information in the catalog.

SSL certificate thumbprint

The SSL certificate thumbprint is displayed here. Confirm that the certificate thumbprint matches the thumbprint of the certificate on the host that you are adding.

For Linux-based virtual machines:

Obtain the server key and verify that the key type and key fingerprint match the host. Click Get server key.

Get server key

The SSH server key for the Linux-based host. You must complete this step when adding servers for the first time or if the key on the server changes.

When upgrading to IBM Storage Protect Plus 10.1.9, systems that are already registered in the previous version are set to trust on first use (TOFU) and the SSH key fingerprint will automatically be added to the registration information in the catalog.

Key type

The type of key for the Linux-based host is displayed. The following key types are supported:

• RSA with a minimum key size of 2048 bits
• ECDSA
• DSA

Key fingerprint

The MD5 hash of the SSH key fingerprint is displayed. Confirm that they key fingerprint matches the key fingerprint of the host that you are adding.

Use existing user

Select a previously entered user name and password for the provider.

Guest OS Username/Password

For some tasks (such as cataloging file metadata, file restore, and IP reconfiguration), credentials must be established for the associated VM. Enter the user name and password, and ensure that the VM can be accessed from the IBM Storage Protect Plus appliance either by using DNS or a host name.

The Test function verifies the hypervisor tool settings and tests DNS settings between the IBM Storage Protect Plus appliance and the VM. Select a single VM, and then click Select Options. You must select Catalog file metadata. Select Use existing user to select a previously entered username and password for the resource. Alternately, enter a username in the Guest OS Username and password in the Guest OS Password fields if you have not previously entered the username and password for the resource. Click Test. For more information, see Testing the connection to a vCenter Server virtual machine.

Pre-scripts and Post-scripts

Run a pre-script or a post-script. Pre-scripts and post-scripts are scripts that can be run before or after a job runs. Windows™-based machines support Batch and PowerShell scripts while Linux®-based machines support shell scripts.

In the Pre-script or Post-script section, select an uploaded script and a script server where the script will run. Scripts and script servers are configured by using the System Configuration > Script page.

To continue running the job if the script associated with the job fails, select Continue job/task on script error.

When this option is enabled, if a pre-script or post-script completes processing with a non-zero return code, the backup or restore operation is attempted and the pre-script task status is reported as COMPLETED. If a post-script completes with a non-zero return code, the post-script task status is reported as COMPLETED.

When this option is disabled, the backup or restore is not attempted, and the pre-script or post-script task status is reported as FAILED.

Run inventory before backup

Run an inventory job and capture the latest data of the selected resources before starting the backup job.

Exclude Resources

Exclude specific resources from the backup job by using single or multiple exclusion patterns. Resources can be excluded by using an exact match or with wildcard asterisks specified before the pattern (*test) or after the pattern (test*).

Multiple asterisk wildcards are also supported in a single pattern. Patterns support standard alphanumeric characters as well as the following special characters: - _ and *.

Separate multiple filters with a semicolon.

Exclude Resources by Tag

Exclude specific resources based on associated VM tags from the backup job. Resources can be excluded through an exact match or with wildcard asterisks specified before the pattern (*test) or after the pattern (test*). Multiple asterisk wildcards are also supported in a single pattern. Patterns support standard alphanumeric characters as well as the following special characters: - _ and *. Multiple filters may be separated with a semicolon.

Force Full Backup of Resources

Force base backup operations for specific VMs or databases in the backup job definition. Separate multiple resources with a semicolon.