In-Depth
Backup and Replication with vSphere 6.0
Licensing changes and feature upgrades close the competition gap.
The latest version of the VMware Inc. flagship product -- vSphere 6.0 -- comes with a number of improvements to the respective backup and replication products. vSphere Data Protection (VDP) and vSphere Replication have matured through the 5.x series of products, and are now more suitable than ever for the availability and recoverability needs of many small to midsize businesses (SMBs).
Perhaps the most exciting announcement involves a change in licensing for VDP. This change brings the best features of VDP to the masses, and unlocks its full potential for a much broader portion of the vSphere customer base.
The release of VDP and vSphere Replication 6.0 is a real shot across the bow of competitors in the backup/replication space like Veeam Software and Zerto. Where VMware has historically offered an interesting but somewhat immature backup/recovery solution (compared to competitors), this release makes it incredibly affordable, while at the same time including a substantial portion of the features that have always made the competition stand out.
VDP vs. vSphere Replication
Right out of the gate, there's an important distinction to make about the solutions I'll be discussing. Although I envision these two products becoming one eventually, VDP and vSphere Replication are currently two separate solutions.
This isn't all bad, as many organizations have a tendency to be confused about the distinction between the two operations. Keeping them separate keeps the management and configurations of each clearly defined. This is comparable to the way in which the Veeam UI has a Backup section and a Replication section; different UIs for different tasks. What's the purpose of each solution?
VDP is the vCenter-integrated solution for creating, managing, deduplicating, replicating and restoring backups. That's replication of backups, not replication of active virtual machines (VMs). VDP technology is based on Avamar from ECM Corp., which is widely respected as a great backup product. This also means that VDP can interface with Avamar nicely, and replicate backup data to an Avamar Data Store. As will be discussed later, it also plays nice with Data Domain.
vSphere Replication, on the other hand, is the replication engine that goes hand-in-hand with the backup tool to provide asynchronous replication of VMs from site to site, or perhaps from environment to environment.
The early part of 2015 brought improvements for both solutions, and the changes and features highlighted are those that may have the greatest impact on the ability of VMware to win market share from other major players.
From a VDP perspective, the advantage isn't as much in net-new features as it is in VDP Advanced features now made widely available by the licensing shift. The additions to vSphere Replication increase efficiency and breadth, making it applicable to the needs of more organizations.
vSphere Data Protection highlights:
- VDP Advanced features are collapsed into VDP
- SQL, Exchange and SharePoint agents available
- Data Domain Boost integration
- Automated backup verification
vSphere Replication highlights:
- End-to-end network traffic compression
- Isolation of replication traffic
- Linux guest OS quiescing
The specifics of each of these highlights are covered in the following sections, starting first with vSphere Data Protection and continuing with vSphere Replication.
VDP 6.0 Highlights
VDP Advanced End of Availability
Perhaps the most exciting news about VDP 6.0 is the licensing change. In previous versions, there were two licensing levels. VDP was included with vSphere Essentials Plus and higher licensing, so it was available with most editions. It performed image-level backups, restores and replication for up to 2TB of data per appliance. vSphere Data Protection Advanced (VDPA) was available to license separately, and included features such as application-level backup/restore, integration with EMC Data Domain, higher scalability (up to 8TB per appliance) and automated backup verification.
VDPA features are comparable to a current version of Veeam Enterprise edition (not complete feature parity, but they're similar). Historically, at only slightly more per socket, organizations might have preferred to go with a reputable vendor like Veeam that focuses its efforts solely on backup/replication.
There are certainly still reasons to choose a product like Veeam or Zerto, but with the release of VDP 6.0, VDPA goes end of availability and all features of VDPA are included with VDP.
This means that any vSphere installation using Essentials Plus and higher has access to the majority of the features in a product with a list price of around $1,400 per socket at no additional charge.
The VDP 6.0 features discussed next aren't new to the whole suite, but they're newly available to the broad customer base using Essentials Plus and higher. These are the things I believe puts VDP 6.0 in a place to make up substantial ground in the backup and replication space.
Application-Level Backups
Image-level backups are great, and often come in handy. But any enterprise-class backup system needs the ability to back up business-critical systems such as Exchange, SQL and SharePoint. In the modern datacenter, it's also important to support more highly available instantiations of these applications, like AlwaysOn Availability Groups (AAG) for SQL, and Database Availability Groups (DAG) for Exchange. VDP 6.0 includes these capabilities, allowing for fine-tuned backup and restore of an organization's most important line-of-business (LOB) applications.
Agents installed on the guest OS allow application-consistent backups using full, incremental or differential modes. For AAG and DAG, the agent also allows the option to back up using a secondary node in the cluster; this means the load of the backup job isn't placed on the active node. The agents add support for multi-streaming, which helps to complete large backup jobs faster by using multiple concurrent threads. The in-guest agents also handle database log management, as expected from any SQL backup product.
Data Domain Integration
VDP can be configured to use EMC Data Domain systems as a backup target. This means the potential for larger deployments (as opposed to using the VDP appliances as the target). At scale, there's also substantial potential for space savings when using Data Domain as a target.
Because each VDP appliance can only store 8TB of data, multiple appliances may have to be deployed. Because each VDP appliance is its own deduplication domain, you could end up with a number of copies of the same data. Using Data Domain as a backup target would allow for global deduplication of backup data and potentially substantial space savings.
Another major advantage of using Data Domain as the backup target is the DD Boost technology available on the platform. The DD Boost libraries are built right in to VDP. This allows for client-side deduplication, followed by further post-process deduplication on the appliance.
The main reason to leverage this technology is the potential to gain enhanced backup speeds. Because some deduplication is done client-side, much less data can be sent across the wire. I've personally seen customers of mine cut job times in half by switching to a Data Domain Boost target.
Automated Backup Verification
There's a critical backup/disaster recovery strategy question that often gets overlooked: "What good are backups if you can't restore them?" It's vital to the success of a DR strategy that backups are routinely tested for integrity and verified to be working properly. In days gone by, this often showed up in the way of a monthly or quarterly restore of a particular tape backup; a sort of "spot check" that backups were completing successfully. In the age of virtualization, there's an elegant way to regularly ensure that backups are completing successfully and can actually be recovered.
Akin to Veeam's offering, called SureBackup, VDP 6.0 offers an integrated backup verification system. It performs a VM restore, which will show up in inventory as VDP_VERIFICATION_[VM Name]. The network adapter will be disconnected before startup so that booting the VM doesn't interfere with production systems.
The verification system looks for heartbeats from VMware Tools in the guest VM to ensure that the OS is booting successfully. To take the verification a step further, custom scripts can be run inside the restored VM to ensure application integrity, as well. By using this technology, an organization can have confidence that its backups will be helpful in the event of a disaster.
vSphere Replication 6.0
The other half of this dynamic duo wasn't left out in the cold with the release of 6.0; features like network isolation and compression make vSphere Replication an attractive option for moving VMs between datacenters or environments.
Network Isolation
Due to the implementation of the networking stack in ESXi, vSphere replication has historically been required to use the management network. Although this was functional on a small scale, it becomes an issue as the environment grows. When it comes to vSphere, more segregation of traffic is usually better, and this is no exception.
Thankfully, with vSphere 6.0, independent TCP/IP stacks are implemented for management, vMotion, and near field communication (NFC) by default (they were available in 5.5, but with extra command-line configuration).
vSphere Replication can have its own network stack, as well. This means a decreased potential for replication traffic to affect management or other production VM traffic. Because replication can involve a significant amount of data, it's also sometimes desirable to control the priority of the traffic using network IO control.
Network Traffic Compression
Because VM replication involves getting (sometimes large) groups of VMs from one location to another, there are often substantial bandwidth requirements for a successful deployment.
Due to some improvements in vSphere Replication 6.0, all replication data is now compressed, which leads to reduced requirements for network bandwidth between the two sites. I believe many more organizations would implement a replication strategy if it weren't for the high cost of required bandwidth between sites. With that traffic compressed, a realistic option for implementing VM replication begins to emerge.
Linux Guest OS Quiescing
Due to immaturity in previous versions of VDP, quiescing IO on Linux OSes while performing a replication task wasn't an option. This meant that crash-consistent snapshots were the best you could get.
vSphere Replication 6.0 introduces the ability to quiesce operations on Linux guests to get file system-consistent snapshots for replication. This is akin to Volume Shadow Copy Service (VSS) capabilities on Windows VMs. Now that Linux OSes can be captured properly, the vSphere Replication tool is suited for widespread use.
Real Competition
Clearly, VMware is taking availability management tools seriously and looking to control the gamut of tools needed to manage a vSphere infrastructure. With tools like the vRealize suite, VDP and vSphere Replication, I think VMware would prefer that no third-party tools were needed to manage a vSphere environment. Whether that's truly possible is another discussion entirely, but it's certainly the case that VDP 6.0 and vSphere Replication 6.0 are now real competitors in the SMB markets.