NetApp SnapVault

Netapp SnapVault is a heterogeneous disk-to-disk backup solution for Netapp filers and heterogeneous OS systems (Windows, Linux , Solaris, HPUX and AIX). Basically, Snapvault uses netapp snapshot technology to take point-in-time snapshot and store them as online backups. In event of data loss or corruption on a filer, the backup data can be restored from the SnapVault filer with less downtime. It has significant advantages over traditional tape backups, such as:

• Reduce backup windows versus traditional tape-based backup
• Media cost savings
• No backup/recovery failures due to media errors
• Simple and Fast recovery of corrupted or destroyed data

Snapvault consists of major two entities –  snapvault clients and a snapvault storage server. A snapvault client (Netapp filers and unix/windows servers) is the system whose data should be backed-up.  The SnapVault server is a Netapp filer – which gets the data from clients and backs up data. For Server to Netapp Snapvault, we need to install Open System Snapvault client software provided by Netapp, on the servers. Using the snapvault agent software, the Snapvault server can pull and backup data on to the backup qtrees. SnapVault protects data on a client system by maintaining a number of read-only versions (snapshots) of that data on a SnapVault filer. The replicated data on the snapvault server system can be accessed via NFS or CIFS. The client systems can restore entire directories or single files directly from the snapvault filer.  Snapvault requires primary and secondary license.

NetApp Snapmirror And Its Advantages

NetApp® SnapMirror® software has been the preferred technology for replication and disaster recovery in a wide variety of NetApp storage environments for years because of its proven efficiency, simplicity, and modest cost when compared with other DR solutions. Over the years, NetApp has continued to enhance SnapMirror with new features and capabilities to make the product fit an even broader range of requirements and to use network bandwidth even more efficiently.

The use of SnapMirror technology offers significant advantages:

Efficient
Block-level updates reduce network bandwidth and time requirements. Starting with Data ONTAP® 7.3.2, volume SnapMirror also offers native network compression to further reduce bandwidth costs.

Flexible
Data can be replicated between dissimilar NetApp storage systems. One-to-one, one-to-many, many-to-one, or many-to-many replication topologies are supported with async mode.

More productive
When you use SnapMirror in combination with NetApp FlexClone®, you can use the data stored in your DR environment for dev/test, data mining, or other purposes.

Consistent. Through integration with the NetApp SnapManager® suite, application data can be replicated while making sure of full consistency for quick recovery.

Safe
Your DR plan can be tested without affecting production and ongoing replication so you can test more frequently to make sure there aren’t any surprises should disaster strike. To protect against application data corruption, your DR site can keep multiple Snapshot® copies on hand and quickly and easily restore to a point in time before the data corruption occurred.

There are two operating modes for SnapMirror: volume and qtree. Volume SnapMirror is generally the preferred mode. Because of its relative popularity, much of our development effort, including integration with the SnapManager suite of products, has focused on volume SnapMirror. As a result, volume SnapMirror offers greater flexibility and efficiency. This chapter of Back to Basics explores how volume SnapMirror technology is implemented, the most common use cases, best practices for implementing SnapMirror, and more.

Avamar Checkpoints

Avamar Checkpoints
Checkpoints are system-wide backups taken for the express purpose of assisting with disaster recovery. Checkpoints are typically scheduled twice daily and validated once daily (during the maintenance window). You also can create and validate additional server checkpoints on an on-demand basis.

Checkpoint validation, which is also called an Avamar Hash Filesystem check (HFS check), is an internal operation that validates the integrity of a specific checkpoint. Once a checkpoint has passed an HFS check, it can be considered reliable enough to be used for a system rollback.

The actual process that performs HFS checks is hfscheck; it is similar to the UNIX fsck command.

You can schedule HFS checks by using Avamar Administrator. You also can manually initiate an HFS check by running avmaint hfscheck directly from a command shell.

An HFS check might take several hours depending on the amount of data on the Avamar server. For this reason, each validation operation can be individually configured to perform all checks (full validation) or perform a partial "rolling" check which fully validates all new and modified stripes, then partially checks a subset of unmodified stripes.

Initiating an HFS check requires significant amounts of system resources. To reduce contention with normal server operation, an HFS check can be throttled. Additionally, during this time, the server is placed in read-only mode. Once the check has been initiated, normal server access is resumed. You can also optionally suspend command dispatches during this time, although this is not typically done.  If HFS check detects errors in one or more stripes, it automatically attempts to repair them.

Avamar - Clients Agents Plug-ins

Avamar clients
Avamar provides client software for various computing platforms. Each client comprises a client agent and one or more plug-ins.

Agents
Avamar agents are platform-specific software processes that run on the client and communicate with the Management Console Server (MCS) and any plug-ins installed on that client.

Plug-ins
The following topics provide details on the two types of Avamar plug-ins.

File system plug-ins
File system plug-ins are used to browse, back up, and restore files or directories on a specific client file system. Avamar currently provides plug-ins for the following operating systems:

• Free BSD
• HP-UX
• IBM AIX
• Linux
• Mac OS X
• Microsoft Windows
• Microsoft Windows Volume Shadow Copy Service (VSS)
• SCO OpenServer
• SCO UnixWare
• Oracle Solaris
• Novell NetWare
• VMware

Application plug-ins
Application plug-ins support backup and restore of databases or other special applications. Avamar currently provides plug-ins for the following applications:

• IBM DB2
• Lotus Domino
• Microsoft Exchange
• Microsoft Hyper-V
• Microsoft Office SharePoint Server (MOSS)
• Microsoft SQL Server
• NDMP for NAS devices, including EMC Celerra IP storage systems and Network Appliance filers
• Oracle
• SAP with Oracle
• Sybase ASE

Avamar Encryption

Avamar Encryption

To provide enhanced security during client/server data transfers, Avamar supports two levels of “in-flight” encryption: Medium and High. The exact encryption technology and bit strength used for any given client/server connection depends on a number of factors, including the client platform and Avamar server version.

The default encryption method is used for client/server data transfers (None, Medium, or High) when you create and edit groups.  The group encryption method can also be overriden for a specific client on the Client Properties tab of the Edit Client dialog box, for a specific backup on the On Demand Backup Options dialog box, or for a specific restore on the Restore Options dialog box.

To enable encryption of data in transit, the Avamar server data nodes each require a unique public/private key pair and a signed X.509 certificate that is associated with the public key.

When the Avamar server is installed, a public/private key pair and a self-signed certificate are generated automatically in the /data01/home/admin directory on each Avamar server storage node and in the /usr/local/avamar/etc directory on the utility node. However, because self-signing is not recommended in production environments, you should generate and install a key and signed certificate from either a commercial or private CA.

Each individual Avamar server can also be configured to encrypt data stored on the server “at rest.” The decision to encrypt all data stored in an Avamar server is typically a one-time decision that is made when the server is initially deployed at a customer site.

Avamar NDMP Accelerator Node for NAS

Avamar NDMP Accelerator Node

The limited scalability of traditional single system NAS platforms has been well documented as an issue.  Less well documented are the issues that can arise when the backup and recovery process can't keep up with the growth.

That is where the Avamar NDMP Accelerator node come in,  it support multiple storage devices and up to 8 simultaneous streams, performing real-time data dedupe.  Of course, there needs to be sufficient RAM and configuration on the accelerator. It supports VNX, Celerra, and NAS devices running Data ONTAP.  It supports NDMP version 4 over 100/1000 Mb/sec Ethernet and will work over a LAN or WAN.

The NDMP backups contain all storage device accounting information and ACLs.  Only volumes are visible, and include/exclude lists are not supported.  When combined with VNX or Celerra, the NDMP accelerator performs incremental backup at the volume level only and defaults to full backup of sub-root directories.  Best practice is to not backup more than 10 million files in a single backup job, which can be overridden in the config but jobs may fail for lack of memory with too many files.

When backing up NetApp Filers, the NDMP accelerator is backward compatible to Avamar 4.1 servers, but version 5.0 or newer is recommended.  The appliance will backup and restore volumes, qtrees and directories, and SnapVault snapshots must be backed up in full.

The NDMP accelerator will perform file level restores, as well as single directories and sub-directories, but data backed up on other Avamar client types are not restorable to a NAS - if it came from NDMP, it stays on NDMP and vice-versa.  There is no web restore with external authentication - users must have local authentication, and ACLs are fully supported, but there is no control for overwrite options.

Both LAN and WAN location of the NDMP device are supported, but it is recommended to have the accelerator local to the device being protected.   8 GB of memory is required in the appliance for multiple streams, and the recommendation is to have 4GB of memory per stream (8 streams max).

Multi-volume accounts will attempt to backup all volumes simultaneously, opening up to the possibility that there would be too many simultaneous streams.  It is best practice to combine all multi-volume accounts into one account and have a single multi-volume backup using the avsetupndmp script.

EMC NetWorker

EMC NetWorker

EMC NetWorker helps you protect your data by simplifying and centralizing backup and recovery operations. With its record-breaking performance, NetWorker is the ideal backup software for small offices as well as large data centers.

With the appropriate NetWorker modules, you can gain protection for popular database, messaging, content, and enterprise resource planning (ERP) applications. You can also choose from a menu of options to add specialized functionality.

Below are the lists of benefits of EMC NetWorker:

Open architecture

• Ensure reliable backup and recovery across local area network (LAN), wide area network (WAN), and storage area network (SAN) environments.

Heterogeneous support

• Simplify management with one solution for UNIX, Microsoft® Windows, Linux, NetWare, OpenVMS, Macintosh, and VMware virtualized systems.

“Hot” backup and recovery

• Back up enterprise applications and file systems while they are in production.

Centralized backup and recovery

• Gain complete control of your data across a variety of environments.

Global data deduplication

• Speed backups, reduce bandwidth consumption, and lower storage requirements by eliminating duplicate data at the source and target.

Parallelism and multiplexing

• Optimize use of your drives and libraries for rapid data protection in large environments.

Advanced staging and cloning

• Create multiple copies of backup data to reduce risk and ensure business continuity.

Open tape format

• Port tapes between different NetWorker servers and operating systems and migrate backups between platforms