Your SlideShare is downloading. ×
Snap protect se_presentation_v3.0
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Snap protect se_presentation_v3.0

5,213
views

Published on

Published in: Technology

1 Comment
0 Likes
Statistics
Notes
  • This is NetApp Confidential content. Please remove it. If you would like technical information on SnapProtect, feel free to contact me at james.bahn@netapp.com.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total Views
5,213
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
189
Comments
1
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • So, how does SnapProtect fit into our Integrated Data Protection ecosystem?Our positioning of NetApp Backup and Recovery solutions and partner integrations is based on recovery and retention time as well as the breadth of the use in the customer’s environment.If the goal is Local recovery for Application and Virtualization Administrators, then recommend the SnapManager software family for the different applications supported (such as SnapManager for Exchange or for Oracle). Similarly, if the virtualization-centric approach is desired, then our SnapManager for Virtual Infrastructure or Hyper-V would be the appropriate options. Finally, SnapCreator is a framework that can extend SnapManager functionality to applications for which there are are not specific SnapManager products, such as Lotus Domino or custom applications.If the goal is Backup Management of Entire Environment,then NetApp SnapProtect is a complete backup and recovery solution delivering disk-to-disk-to-tape backup for long term retention, and which manages multiple applications, as well as multiple virtual infrastructures, from a single-pane-of-glass. Additionally, we will soon support snapshot copies from third party storage to NetApp FAS secondary, and therefore will be able to cover heterogeneous storage environments in the Enterprise.If the goal is Integration with anExisting Backup Infrastructure, then suggest that the customer leverage their existing vendor’s integration with our storage to manage Snapshot copies. Many customers have made an investment in backup and recovery software infrastructure and look for a way to improve efficiency, performance and overall data availability. We partner with industry leading backup and recovery vendors such as Symantec, IBM, CommVault, and Syncsort who have integrated their applications with NetApp IDP to provide our mutual customers the benefit of modern data protection.
  • 1 Custom provisioning policies that are created in OnCommand must be named with a leading “SnapProtect_” in order for them to show up in the SnapProtect GUI (CommCell Console).
  • SnapProtect does not support QSM. If OnCommand is performing QSM for backups then the pmQSMBackupPreferred option in OnCommand should be set to “No”. In addition, make sure SnapVault is properly licensed.
  • 1 When doing P-M-V (primary to mirror to vault cascade) the “snapvault.snapshot_for_dr_backup” option mustbe set to “named_snapshot_only” on the mirror destination system. If this option is not set, then the vault will not be replicated from the SnapProtect created snapshot and will instead be updated from the VSM created snapshot.
  • The NAS iDA can restore qtrees, directories, and files. In addition, it can use SnapRestore on the primary array to revert an entire volume. Live Browse functionality available from Snapshot w/o indexing.Single file restore (from a NetApp snapshot) for VMs only works for Windows VMs. For Linux, this only works when the backup is to a disk library or tape library (streamed copy). It is not currently possible to perform granular indexing or single file restore for Linux VMs from the NetApp snapshot using SnapProtect.3. SQL Server supports point-in-time restore with log replay.4. Message level restores are available via mining operations. You can use either the offline mining tool or you can configure and perform snap mining.5. Document level restores are available via snap mining operations. 6. Active Directory backups are accomplished via streaming backup from the Active Directory server. System State backups can also be done via streaming backup using the Windows File System iDA. This requires that you disable system state backup from the default subclient and enable system state backup in a new subclient (with no other content defined).7. When Exchange or SQL are virtualized and the databases are on VMDKs you can use the virtual server agent (VSA) to backup the VM and perform database consistency during the VM backup. Recovery is the VM, VMDK, or files and not specific to Exchange or SQL. The options for Exchange allow for log truncation during the VM backup. There are no option to truncate logs SQL using this approach. When protecting Exchange in this manor (using VSA), DAG is now supported.8. LN = Lotus Notes9. Lotus Notes Database iDataAgentsupports both the database and the database plus transaction log restore operations. Lotus Notes Document iDataAgent supports the restoration of documents.Please refer to Books Online for more detail on restore options.
  • No log management for Oracle today.
  • Registry key for the VSA media agent to enable Linux indexing for streamed backups.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerDWORD: LinuxMetadataSupportValue: 1
  • 1 When doing P-M-V (primary to mirror to vault cascade) the “snapvault.snapshot_for_dr_backup” option must be set to “named_snapshot_only” on the mirror destination system. If this option is not set, then the vault will not be replicated from the SnapProtect created Snapshot copy and will instead be updated from the VSM created snapshot.
  • The ESX server in the slide is the proxy that has a VM acting as a media agent running the Virtual Server Agent (VSA). This ESX server has access to the production datastores and allows hot-add transport mode for restores.
  • 1 When application-level protection is required for Exchange or SQL Server during a VMware-level backup, the guest must be added as a client (by installing the base agent software and VSS provider). The VM will show up in the list of clients, but it is protected by using the VSA (on the proxy media agent).
  • 1 When application-level protection is required for Exchange or SQL Server during a VMware-level backup, the guest must be added as a client (by installing the base agent software and VSS provider). The VM will show up in the list of clients, but it is protected by using the VSA (on the proxy media agent).
  • HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: PageFileDatastoreFilterValue Type: String valueValid data: names of datastores to filter separated by semicolon (ex. Datastore1;Datastore2)
  • The file system quiesce phase is good for data consistency, but it will increase the time it takes to create the VMware snapshot. Disabling the file system quiesce function will improve backup time at the cost of a more complete data consistent VMware snapshot.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: VwSkipQuiesceVMValue Type: REG_DWORDValue: 1
  • Without this registry setting, the original ESX server which was used during the primary backup (set by the subclient properties) would also be used when mounting the remote snapshot when moving to tape. This would cause excessive WAN traffic. The registry key isolates the network traffic to the remote site.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: sProxyESXValue Type: REG_SZValid Range: Hostname or IP of the secondary ESX server
  • Linux EXT3 for single file restore capability. Files must be restored back to windows host (enabed via LinuxMetadataSupport registry key)Microsoft apps will always be consistent as this is a function of Hyper-V itself.Hyper-v only supports block data (no nfs / cifs)
  • The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
  • The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
  • The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
  • Since we are using fulls and incrementals here, a single cycle is an entire day of backups (24 backups… 24 snapshots). So to keep 7 days of backups on the primary will mean (7 x 24) roughly 168 snapshots.The advantage to this approach is that for NAS data we get incremental indexing (since we are doing incremental backups). However, we have less control over our retention compare to example 1.
  • Vault basic retention – retain all backups for 1 day…The way this works, SnapVault will replicate all of the snapshots that have been created since the previous replication (basically all 24 from the entire days worth of backups). And basic retention will retain ALL backups, which includes all of the incremental jobs. So we will retain this for only a short period of time… 1 day in this case.
  • Mirroring of source vFiler requires option ‘vfiler.vol_clone_zapi_allow”
  • 1 OnCommand needs root access for array credentials, but can use snapprotectuser for NDMP credentials.
  • 1 There is no interoperability here. These are independent processes that need to be scheduled independently.
  • This is an example where we have distributed the SnapProtect database exports and backups. We have a local export of the database locally on the CommServe. We can also send the exports to a remote location. The DB backups can be sent to a disk library or tape library according to the storage policy configuration.#1 The most recent export of the database lives locally on the CommServe.#2 The most recent as well as longer term exports of the database can be sent to a UNC path in a remote location. #3 The database backups are associated with the CommServeDR storage policy and sent to the disk library or tape library associated with that storage policy.
  • In this example we have a single volume at each site to store the index metadata. Each of those volumes are configured as disk libraries. All media servers for the primary site will point to the same disk library and all of the media agents at the secondary site will point to the same disk library. In this way, each media agent would be able to access each other’s index if necessary. When configuring replication (SnapVault or SnapMirror) the index location for those secondary copies should point to the index at the secondary site. This allows the indexes to be copied to the secondary site along with the actual data.You would want to do this same approach for any other sites in the environment so that indexes are properly copied to each location.
  • 1 Snap Mining http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/prod_info/snap_protect_clients.htm2 The Offline Mining Tool http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/features/mining_tool/ex_mining_tool/ex_mining_tool.htm
  • When the VSA runs a backup, VMware returns the hostname or IP address associated with the private interface on the primary array (192.168.0.3 for example). If the datastores are configured using hostnames then VMware will return the hostname. If the datastores are configured using IP then VMware will return the IP address. SnapProtect will look for this entry in the list of configured arrays in “Array Management” to get authentication credentials. The media agent needs access to this private network in order to authenticate and issue API calls to create the snapshot on the primary array.In Array Management, you need two entries for the primary array – one for the public interface and one for the private interface. In this example we would need entries for 10.61.0.5 and 192.168.0.3 (both configured as primary file servers in Array Management).
  • When a storage policy is created for SnapProtect operations, it contains a “Primary(Snap)” copy. When you add a vault or mirror copy to the storage policy, it creates a storage service entry in OnCommand with the appropriate protection policy defined. The dataset in OnCommand is not created until the first replication job (or “auxiliary copy”) is performed.Stacking the snap copies within the storage policy builds the various cascades.
  • 1 Due to the performance of SnapDiff, NAS backups will probably have to done by using a combination of full and incremental backups. The level of protection is the same (a NetApp Snapshot copy), but the indexing is different. For full NAS backups, a full index is performed. For incremental NAS backups, an incremental index is performed. The incremental index is much faster.
  • System requirements…http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/prod_info/snap_protect_support.htm
  • Transcript

    • 1. SnapProtect SE Training Presentation 1 Rev 3.0 Neil Shah Shawn Preissner Ajay Someshwar NetApp Confidential – Limited Use
    • 2. Agenda 2  Product Introduction and Positioning  Release Payloads  Technical Overview  Deployment Tips  Limitations  Resources  Appendix NetApp Confidential – Limited Use
    • 3. 3 Product Introduction and Positioning NetApp Confidential – Limited Use
    • 4. Solution Overview 4 Disk-to-disk-to-tape backup application  Delivers tape support and catalog  Provides unified protection management  Virtualization and application-aware NetApp Confidential – Limited Use
    • 5. Solution Overview continued 5 Designed for use with NetApp storage  NetApp Snapshots and replication for speed  NetApp storage efficiency for cost control  Initially for FAS / V-Series primary storage NetApp Confidential – Limited Use
    • 6. Solution Overview continued 6 OEM of a portion of CommVault software  NetApp branded management console (CommCell Console)  File system & application agents (iDAs)  Snapshot backup functionality (SnapProtect) – NetApp specific control – NetApp Snapshot copies – NetApp SnapVault and async SnapMirror  Packaging only available from NetApp NetApp Confidential – Limited Use
    • 7. Solution Overview continued 7 NetApp Snapshots Thin replication NetApp Storage Efficiency Tape Support Unified granular restores from Snapshots, SnapVault or Tape Tape Support Centralized Management Backup Catalog MS/ SQL SharePoint VMware Application Awareness Exchange Oracle DB2 SAP NAS File Services Files on NAS, host mount LUNs, or VMDKs Hyper-V Multi-tiered Backup and DR NetApp Confidential – Limited Use
    • 8. Solution Overview continued 8 Automated provisioning of secondary storage for disk-to-disk replication operations  No guesswork  Simply replicate to OnCommand resource pools ? Resource Pools NetApp Confidential – Limited Use
    • 9. Solution Overview continued SnapProtect Server Tape Library Virtualization SnapVault SnapMirror Indexing Secondary Storage Provisioning Tape Copy Management App-Consistent Snapshot Copies Replicated Snapshot Copies 1. Data is quiesced and protected via Snapshot® copies 2. Snapshot copies and clones used to access data for indexing 3. OnCommand handles provisioning of secondary storage, using resource pools and provisioning policies for replication 4. D2D replication with SnapVault® and/or SnapMirror® 5. D2D2T with SnapProtect™ movement to tape Generally speaking… OnCommand Server App Data NAS Data 9NetApp Confidential – Limited Use
    • 10. Position based on data protection workflows SnapManagers, VSC, SnapCreator Recovery for App/VI Administators Backup Management of Entire Environment SnapProtect™ Integration with Existing Backup Infrastructure • App. Protection & Recovery • DR with tight RPO • Production Test/Dev • Short term retention • NetApp-to-NetApp (N2N) • D2D2T Backup • Long term retention • Centralized Management (DR, BR) • Catalog, Tape • N2N, Any2NetApp (future) • Modernize & accelerate backup with NetApp Snapshot copies •Symantec NetBackup RD •CommVault Simpana •IBM TSM •Syncsort Backup Admin Backup Admin App/VI/Sys Admin
    • 11. Pricing Model 11  Controller-based pricing model – Licensed on primary controller by tier or platform – No additional cost if capacity managed changes – You do not need to license secondary storage  Simple all-inclusive license – Management console, Media agents and Tape – All application and virtualization agents – Temporary license built into the product  NOT included in Premium or any other bundle NetApp Confidential – Limited Use
    • 12. SnapProtect Ordering  Quote Tool – SnapProtect is on the system menus in the Quote Tool – Significantly reduced pricing for SnapProtect at Point of Sale for select platforms (Selecting SnapProtect automatically selects Premium Bundle)  Benefit – Better value to customers – Simplified ordering with SnapProtect on system menus  There are two license keys for SnapProtect – The SnapProtect software license key for Data Ontap – The SnapProtect Management Server (CommServe license) license key 12NetApp Confidential – Limited Use
    • 13. SnapProtect Ordering continued  Product description: SnapProtect on system menus i.e. controller based part number setup for SnapProtect  New structure in Quote Tool: – Configured: SnapProtect has Premium bundle mandatory (for FAS2000 channel, FAS3100 NTAP select channel, FAS3200, FAS6200). – For FAS3100/6000 platforms where Complete bundle is not available, SnapProtect is sold at add-on price (and no Complete Bundle dependency). 8.0.x will not be available configured. – Supported in 7 mode 7.3.6+, cDOT 8.0.2+ – Host based “SnapProtect Management Server” product and SSP (at 18%) to get “CCID”  Add-on SnapProtect is orderable on its own for all controllers  Other changes: – Licensing : An ONTAP license slot will be used to generate key 13NetApp Confidential – Limited Use
    • 14. Where to License SnapProtect 14 DR Site Primary Data Center MetroCluster SnapProtect Console Clone for Dev/Test SnapMirror SnapVault 1 1. Always: NetApp primary 2. MetroCluster / HA nodes 3. SnapMirror if SnapProtect used after failover as primary 2 3 NetApp Confidential – Limited Use
    • 15. Included with License 15 Component Capabilities Include Management Console (CommCell Console) Coordinating operations (data protection, data recovery, administration operations, job management, event management, etc) within a CommCell and communicating between all media agents and clients. Supported Media Agents Transmitting data between clients and backup media and managing the data stored in the media Tape Performing all backups to tape Supported application agents (iData Agents) Controlling data consistency for all supported application aware backups Supported virtualization agents Controlling all aspects of data management in virtualized environments such as data protection, replication and reporting. NetApp Confidential – Limited Use 1. The SnapProtect license is required on controller or controllers that are the primary storage for the file system or for the application being protected (where the first snapshot is created). 2. Secondary FAS devices used as SnapMirror or SnapVault destinations do not require a SnapProtect license.
    • 16. Additional Licenses 16 Component Primary Secondary / Tertiary Operations Manager / Protection Manager Required to manage the solution. FlexClone Required Required SnapVault / SnapMirror Appropriate licenses are required for each node based on the replication strategy. Protocols: NFS, CIFS, FCP/FCoE, iSCSI Appropriate licenses are required based on the protocols being deployed. SnapRestore Required Required* NetApp Confidential – Limited Use
    • 17. 17 Release Payloads NetApp Confidential – Limited Use
    • 18. Release Payloads - 10.0 SP2B 10.0 SP2B  Database Cloning ( SQL and Oracle )  Multithreaded VSA  Deferred Indexing  NAS Live Browse  Selective Copy  Extended Retention  VMware Datastore Exclude  BLI for SMTape  Oracle and Lotus Notes support on Windows  Vserver Aware NDMP Backups to Tape in Clustered Data ONTAP 8.2  Oracle Log Management / Truncation – Allows users to delete archive logs 18NetApp Confidential - Internal Use Only
    • 19. Release Payloads - 9.0 SP10 9.0 SP10  SnapProtect now supports backups for Veritas Cluster File System for HP-UX 11 v2/v3 (PA-RISC and Itanium) – Refer to SnapProtect IMT for more information 19NetApp Confidential – Limited Use
    • 20. Release Payloads - 9.0 SP7 9.0 SP7  Support for VMware datastore exclusions  Mechanism to throttle concurrent SnapDiff sessions 20NetApp Confidential - Internal Use Only
    • 21. Release Payloads - 9.0 SP6a 9.0 SP6a  OSSV Plug-in  VMware backup to tape using remote ESX proxy  VMware option to skip file system quiesce  SFSR for VMware VMs that span NFS datastores 21NetApp Confidential - Internal Use Only
    • 22. Release Payloads - 9.0 SP5 9.0 SP5  SFSR (Single File SnapRestore) for NAS  Improvements to SnapDiff for NAS backups allowing for ended periods between full backups  Job-based snapshot retention  vCenter Plug-In for single file restore from Windows VMs  Single file restore for Windows VMs that span multiple datastores  “Find” functionality for Windows VMs  SFSR (Single File SnapRestore) for VMDKs on NFS datastores **for VMs that do not span multiple datastores** 22NetApp Confidential - Internal Use Only
    • 23. Release Payloads - 9.0 SP4 9.0 SP4  “NAS Unlock” – Ability to NDMP dump from a snapshot that was not created by SnapProtect – Ability to NDMP dump without requiring an existing snapshot  Support for Oracle RAC (UNIX / Linux)  Support for VMs that span multiple datastores – No single file restore 23NetApp Confidential - Internal Use Only
    • 24. 24 Technical Overview NetApp Confidential – Limited Use
    • 25. Terminology 25 CommCell – A single instance of a NetApp® SnapProtect™ environment CommServe – The master server in a SnapProtect environment. This server uses a Microsoft® SQL Server® database and therefore must be a Microsoft Windows® system (Windows Server® 2003 or 2008 R2). Media agent – A media server in a SnapProtect environment. Media agents have broader operating system support, including Windows, Linux®, and UNIX® options. CommCell Console – The SnapProtect management interface. iDataAgents (iDA) – Agents that control data consistency during backup operations. NetApp Confidential – Limited Use
    • 26. Terminology continued 26 Clients – Hosts running iDataAgents for which data will be protected. Backup set – A layer of management in clients for grouping subclients. Subclient – An object that defines what data will be protected for a given client. Storage policy – An object that defines how data will be protected and how long backups will be retained. Disk library – A storage resource with an associated mount path that is used in the SnapProtect solution to store index information for backups. NetApp Confidential – Limited Use
    • 27. Terminology continued 27 OnCommand server – A server running OnCommand server software. The OnCommand server and the CommServe should typically be separate systems. NetApp Management Console (NMC) – An interface used to create resource pools and provisioning policies within the OnCommand framework. The NMC should be installed on a separate system from the OnCommand server. NetApp primary – The production NetApp storage array. NetApp secondary – The secondary NetApp storage array, used as a destination for replication. NetApp tertiary – A third NetApp storage array, used for replicating previously replicated data. NetApp Confidential – Limited Use
    • 28. Terminology continued 28 Snapshot® copy – A NetApp array-based point-in-time copy, used for recoverability. SnapVault. A NetApp® replication technology, used for backup and recovery. In the SnapProtect™ solution, a “vault” copy uses NetApp SnapVault® software. SnapMirror. A NetApp replication technology used for disaster recovery. In the SnapProtect solution, a “mirror” copy uses NetApp SnapMirror® software. NetApp Confidential – Limited Use
    • 29. Clustered Data ONTAP Support  SnapProtect has limited support for CDOT  Currently qualified functionality – NDMP dump – NDMP dump of existing snapshot  Not supported in CDOT – Snapshot backups – D2D replication 29NetApp Confidential - Internal Use Only
    • 30. D2D Replication 30 SnapProtect Server App Data Tape Library Virtualization NAS Data SnapVault SnapMirror Content Indexing Secondary Storage Provisioning Tape Copy Management App-Consistent Snapshot Copies Replicated Snapshot Copies 1. Data is quiesced and protected via Snapshot® copies 2. Snapshot copies and clones used to access data for indexing 3. DataFabric® Manager handles provisioning of secondary storage, using resource pools and provisioning policies for replication 4. D2D replication with SnapVault® and/or SnapMirror® 5. D2D2T with SnapProtect™ movement to tape Generally speaking… OnCommand Server
    • 31. D2D Replication continued  OnCommand terminology  Resource pool – A logical pool of storage used for provisioning (a group of aggregates for example)  Provisioning policy – A policy that defines a set of rules that are enforced when provisioning storage  OnCommand controls replication  Jobs are passed to OnCommand by SnapProtect™  SnapProtect controls the schedules and retention 31 The Role of OnCommand NetApp Confidential – Limited Use
    • 32. D2D Replication continued  Operational requirements – Resource pools for destination storage must be manually created in OnCommand – SnapProtect™ includes several preconfigured provisioning policies; custom provisioning policies created in OnCommand are also discovered and made available to SnapProtect1  The OnCommand server handles provisioning of secondary storage for replication operations – Uses resource pools – Destination volumes are created in resource pools – Uses provisioning policies – Secondary volumes are created using these provisioning rules 32 The Role of OnCommand NetApp Confidential – Limited Use
    • 33. D2D Replication continued  Provisioning policies (preconfigured) – SnapProtect_RAID_DP  Generic policy with NetApp® RAID-DP® and no deduplication enabled for the secondary volume (used for vault replication) – SnapProtect_Dedupe  Policy with RAID-DP and deduplication enabled on the secondary volume (used for vault replication) – SnapProtect_Mirror_Destination  Policy for mirror destinations; mirror destination volumes inherit the characteristics of the primary volume, including deduplication 33 The Role of OnCommand NetApp Confidential – Limited Use
    • 34. D2D Replication continued  NetApp data compression – SnapProtect cannot enable or manage NetApp data compression  Limited by lack of compression support in OnCommand – Compression must be enabled manually apart from SnapProtect – Compression requires Data ONTAP 8.0.1 34 The Role of OnCommand NetApp Confidential – Limited Use
    • 35. D2D Replication continued 35 Provisioning during baseline 1. Resource pools and provisioning policies are assigned in the SnapProtect™ software for replication copies. 2. SnapProtect backups initiate the replication job to OnCommand. (Schedules and retention are controlled by SnapProtect, not OnCommand) 3. OnCommand builds datasets based on the requirement, provisions the secondary volumes, and starts the baseline transfers. SnapVault® SnapMirror® Resource Pools and Provisioning PoliciesSnapProtect OnCommand Dataset A Dataset B The Role of OnCommand NetApp Confidential – Limited Use
    • 36. D2D Replication continued 36  SnapVault  SnapMirror (Async VSM)  Combinations (cascades)  OnComand handles replication  Fan-out options Vault Mirror MirrorVault Vault MirrorMirror Mirror Replication options NetApp Confidential – Limited Use
    • 37. D2D Replication continued 37  Storage Policies – What will we do with our data?  Subclients – What will we be protecting for this client? Mirror Copy Vault Copy Primary Snap Subclient Storage Policy P V MAssociate Subclient DataVol1 DataVol2 DataVol3 DataVol4 NetApp Confidential – Limited Use
    • 38. 38 Client Source Data Subclient iDataAgent Snapshot Copy Storage Policy Mirror Copy Vault Copy Tape Copy SnapProtect OnCommand  Clients own source data  iDataAgents live on clients to manage that data  Backup sets and subclients group client data together and are associated with a storage policy  Storage policies contain various snap copies (for NetApp® primary Snapshot® copies and replication copies)  SnapProtect™ controls the operations, while OnCommand manages replication Backup Set Backup Workflow NetApp Confidential – Limited Use
    • 39. Support for NAS Data  SnapProtect simply creates a NetApp Snapshot copy and indexes the contents – Indexing uses SnapDiff API – Indexing is optional for NAS data – Incremental backups run incremental indexing and improve indexing performance  The NetApp array is the client  Restore directories, files, qtrees as needed  Create a FlexClone by mounting the backup  Volume revert also available using SnapRestore  Support for SFSR (Single File SnapRestore) 39NetApp Confidential – Limited Use
    • 40. Support for NAS Data continued 40 SnapProtect Catalog SnapVault SnapMirror Backup by creating a Snapshot Copy and indexingReplicate with automated provisioning and catalog awarenessReplicate in cascaded fashionCopy to tape NAS Data NetApp Confidential – Limited Use
    • 41. Support for NAS Data continued  SFSR (Single File SnapRestore) support for NAS – Will automatically attempt SFSR where it can; otherwise will use normal copy-back – Only from primary array – Only used when selecting files (not directories) 41NetApp Confidential – Limited Use
    • 42. Support for NAS Data continued  Improvements to SnapDiff for NAS backups allowing for extended periods between full backups – This feature was necessary to enable “job-based retention” – When using both full and incremental backups the index is maintained even if the full is aged off – It is still a requirement to perform full backups to prevent the index from growing indefinitely – To improve SnapDiff performance for indexing NAS data, the convert_ucode flag should be enabled for the volume. Ideally this should be done prior to any data or snapshots being created on the volume. (BURT 533349) – See also related BURT 544383 42NetApp Confidential – Limited Use
    • 43. Support for LUN Data  SnapProtect™ for LUN data requires a file system iDA on the client system that is accessing the LUN  The file system data is quiesced (Windows® VSS) and a Snapshot® copy of the NetApp® volume is created  Mirroring and vaulting are supported, as well as movement to tape  Vaulting uses the SnapProtect created Snapshot copy for consistent replication1  LUN clones are created and used during indexing operations 43NetApp Confidential – Limited Use
    • 44. Support for LUN Data continued 44 SnapProtect Catalog SnapVault SnapMirror Backup by creating a Snapshot Copy and indexing of LUN contentsReplicate with automated provisioning and catalog awarenessReplicate in cascaded fashionCopy to tape LUN Data Client with File System iDA NetApp Confidential – Limited Use
    • 45. Support for Application Data  Microsoft® Exchange (including DAG configs)  Microsoft SQL Server®1  DB2 (UNIX®, Linux®)  Oracle®1 (Windows/UNIX/Linux) including RAC  SAP® on Oracle (UNIX/Linux)  Microsoft SharePoint®  Lotus Notes (Windows) Each application has its own agent (iDA) We are NOT using SnapManagers -Backups are application consistent 45NetApp Confidential – Limited Use
    • 46. Support for Application Data continued 46NetApp Confidential - Internal Use Only Application iData Agent Restore Granularity NAS NetApp NAS NDMP iDA qtrees, directories, files1 VMware Virtual Server iDA VMs, VMDKs, files2 Hyper-V Virtual Server iDA VMs, files SQL Server SQL Server iDA Database, filegroup3 Exchange Exchange Database iDA Information Store, DAG Object4 Oracle Oracle iDA Database, table DB2 DB2 iDA Database SharePoint SQL iDA, SharePoint Server iDA DB, Object5 Active Directory Active Directory iDA Object6 Lotus Notes LN DB iDA, LN Document iDA8 DB, DB+trans logs, Doc9 Application iData Agent Restore Granularity Exchange Virtual Server iDA VMs, VMDKs, files7 SQL Server Virtual Server iDA VMs, VMDKs, files7 Protection with application agents Protection with virtualization agent Be sure to read all footnotes for important details!
    • 47. Support for Application Data continued 47 4PM 6PM 8PM Managed Log Backups 30 Min Interval Application Server DB & Logs Log Backups Database corruption at 6:42PM Point in time restore Media Agent  Full backups  Log backups  Restore from Snapshot copies  Restore from log backups for point in time NetApp Confidential – Limited Use Note: Log backups in SQL are done via streaming backup rather than Snapshot copy. SQL Server example:
    • 48. Support for VMware  SnapProtect communicates with vSphere via the Virtual Server Agent (VSA)  The VSA must be installed on a media agent  Takes VMware level snapshots then NetApp snapshot  VM contents can be indexed allowing full VM recovery and single file recovery (Windows VMs) – 9.0 SP5 required for indexing VMs that span multiple datastores  Live-browse support for Windows VMs eliminates the need to index during backup  Linux VMs (ext3) allow single file restore from streamed backup only (requires LinuxMetadataSupport registry key)  Discovery rules for automatic protection  Virtualized Exchange and SQL Server can be quiesced via VSS integration during VM backup (when using VMDK for databases) 48NetApp Confidential – Limited Use
    • 49. Support for VMware continued  During indexing, LUN clones are used for LUN datastores; NetApp® FlexClone® is used for NFS datastores  Options for full VM restores or single files – Single file restore is for Windows VM only  Affinity allows new VMs to be protected automatically  Datastore affinity, for example, protects all new VMs for a particular datastore  Mirroring and vaulting are supported, as well as movement to tape  Vaulting uses the SnapProtect™ created Snapshot® copy for consistent replication1 49NetApp Confidential – Limited Use
    • 50. Support for VMware continued 50 SnapProtect Server Tape Library VMware SnapVault SnapMirror Consistent Snapshot copies Replicated Snapshot Copies 1. VMs are quiesced; Snapshot® copy is created; VMs are released 2. For NFS datastores, FlexClone® volumes are created; for LUN-based datastores, LUN clones are created; an ESX proxy can be used to index the contents of the clone for granular file-level recoverability 3. OnCommand handles provisioning of secondary storage by using resource pools and provisioning policies for replication 4. D2D replication with SnapVault® and/or SnapMirror® 5. D2D2T with SnapProtect™ movement to tape ESX Proxy Indexing Secondary Storage ProvisioningOnCommand Server VSA Tape Streaming Through Media Agent NetApp Confidential – Limited Use ESX
    • 51. Support for VMware continued  VM-level backups – Supports Exchange and SQL Server®  No support for Exchange DAG – Exchange / SQL Server must live in VMDKs – Requires base agent (File System iDA) and the VSS Provider software1 – VSS integration for database consistency – Option to perform log truncation during Exchange backup – Recover flat database files and use mining tools for granular recoveries (for example, mail messages) 51 Virtualized applications using Virtual Server Agent NetApp Confidential – Limited Use
    • 52. Support for VMware continued  Application backups – Treat client as a physical host and install client software as required – Use appropriate agents for given application – Application cannot live in a VMDK  Use RDM (see RDM support)  Or use direct attached iSCSI  Oracle agent supports NFS 52 Virtualized applications using application agent NetApp Confidential – Limited Use
    • 53. Support for VMware continued  RDM Support – Data in RDMs cannot be protected using the Virtual Server Agent (VSA) – To protect data in RDMs you must use a file system agent or application agent within the guest OS – RDM must be physical mode (virtual mode not supported) – RDM must be iSCSI protocol (FC protocol not supported) – Client will need to establish iSCSI connection from client to NetApp array as a communications link for creating Snapshot copy (not as a data path)  Client direct attached iSCSI (instead of RDM) is also supported 53NetApp Confidential - Internal Use Only
    • 54. Support for VMware continued  vCenter Plug-In – Available via web console or from vCenter – Used for single file restore from VM backup  Windows VMs only  Not for whole VM restore – For whole VM restore use SnapProtect console 54NetApp Confidential – Limited Use
    • 55. Support for VMware continued  SFSR (Single File SnapRestore) for VMDKs – Accelerated Array based restore of entire Virtual Machine – Available for all supported virtual machine platforms – Available when performing whole VM restore – Available for NFS datastores only – Available for in-place restore only – Available when restoring from primary Snapshot copy – Configuration files also get reverted – If VM is powered on it will get powered off prior to revert – SP6a required for VMs that span multiple datastores  To perform SFSR for NFS VMDKs – Under advanced restore options when restoring VM select “Use hardware revert capability if available” 55NetApp Confidential – Limited Use
    • 56. Support for VMware continued  Specific VMware datastores can be excluded from backup / replication (requires 9.0 SP7) – Typical use case would be to exclude a datastore dedicated to guest page file data – Enable via registry key on the media agent running the Virtual Server Agent (VSA)  PageFileDatastoreFilter 56NetApp Confidential - Internal Use Only Datastore exclusions
    • 57. Support for VMware continued  By default VMware backups will use the „quiesce the guest file system‟ option when creating VMware snapshots  Disable file system quiesce phase with registry key on the VSA media agent – VwSkipQuiesceVM – Requires 9.0 SP6a 57NetApp Confidential - Internal Use Only Skip file system quiesce
    • 58. Support for VMware continued 58NetApp Confidential - Internal Use Only  When backing up VMware data to tape at a remote site the the following registry key must be added to the remote VSA proxy to specify the IP or hostname of the remote proxy ESX server – sProxyESX (requires 9.0 SP6a or later ) Remote copy to tape SnapVault or SnapMirror Media Agent / VSA (virtual host) Proxy ESX Production ESX Remote Proxy ESX Media Agent / VSA (virtual host) Media Agent attached to library Registry key goes here Site A Site B
    • 59. Proxy based backups for VMWare 59NetApp Confidential - Internal Use Only • Proxy will be used to mount NetApp snapshot copies. • Offload indexing of VMs to another ESX host. • Production servers are not taxed for performance. • Restores can also be performed through a proxy host
    • 60. Support for Hyper-V  The VSA and media agent software must be installed on each Hyper-V server  VSS is required in order to backup an online Windows VM  Single file restore support for Windows and Linux VMs (EXT3)  No live-browse support  In-place restore of VM requires that you first delete the original VM  Pass thru disks are not supported  Auto discovery limited to naming convention 60NetApp Confidential – Limited Use
    • 61. Tape Management 61  NDMP dump – Uses NetApp NAS NDMP iDA – Contents are indexed  SMTape (Data ONTAP 8.0.1 or later) – Uses NetApp NAS NDMP iDA – Contents are NOT indexed  Streaming through media agent – All other iDAs – Contents are indexed NetApp Confidential – Limited Use
    • 62. Tape Management continued 62  NDMP dump (to dump direct from volume) – By default, SnapProtect will dump from snapshot copies that were created during subclient backup – To disable SnapProtect snapshots and dump directly from the volume  disable the SnapProtect option in the subclient properties NetApp Confidential – Limited Use
    • 63. Tape Management continued 63  NDMP dump (to dump from specific snapshot) – By default, SnapProtect will dump from snapshot copies that were created during subclient backup – To dump from a specific snapshot  Disable the SnapProtect option in the subclient properties  Enter the snapshot name in the advanced backup options when running or scheduling the backup NetApp Confidential – Limited Use
    • 64. Restoring Data  Can restore from any copy by browsing data from a particular copy number – The copy numbers are defined in the Copy Precedence tab in the storage policy properties  Can revert an entire volume or LUN by using SnapRestore® – This can be dangerous; use caution!  To browse or search backup data, right-click the subclient 64NetApp Confidential – Limited Use
    • 65. Scheduling  Several ways to schedule backups and replication – Schedule policies – Individual schedules (per subclient, etc.) – Hourly, daily, weekly, monthly, yearly – Fulls and incrementals  Can also schedule restores and client installs 65NetApp Confidential – Limited Use
    • 66. Retention  Retention options – All backups – All full backups – Weekly full backups – Monthly full backups – Quarterly full backups – Half yearly full backups – Yearly full backups 66NetApp Confidential – Limited Use
    • 67. Retention continued  Jobs-based retention (introduced in SP5) – Allows retention to be based on jobs (snapshots) rather than days / cycles  Works when using fulls  Works when using combination of fulls and incrementals  Not recommended to use this for application agents unless only full backups are used. This is because a log-only backup could remain available while it‟s full database backup could have expired 67NetApp Confidential – Limited Use
    • 68. Retention continued  Basic and Extended Retention Rules – Basic rules are required by default (cycles, days) – Extended rules configured optionally are intended to be flexible to meet a wide range of business requirements  Cycle – A cycle starts with a FULL backup and includes all associated Incremental backups – A cycle must start with a FULL (can‟t have only Incremental backups in a cycle) – A cycle is complete when the next FULL backup completes  Days – The number of calendar Days – Day is 24 hrs. from the completion time of the job 68NetApp Confidential – Limited Use
    • 69. Retention continued  Retention is defined in the Storage Policy copies  Retentions using both Cycles and Days The number of Cycles have to be exceeded AND The number of Days have to be exceeded before backup jobs expire  Retentions are defined for all backup jobs, replication jobs and tape copies  Aging Process removes expired jobs – Default schedule time is Noon daily 69NetApp Confidential – Limited Use
    • 70. Retention continued  Utilize both Cycles and Days for most backups  Optionally configure only Full backups using only Cycles (no Incremental backups) – For Full, simply use cycles only and 0 days  FULL backups  Example: Daily backups for 10 days = 0 days/10 cycles  Example: Hourly backup for 6 hours = 0 days/6 cycles  Only complete Cycles expire – Full backup and all dependent Incremental backups – A complete Cycle is required for restore 70 Recommendations NetApp Confidential – Limited Use
    • 71. Retention continued 71 Retain 2 Cycles First set of Full and Incremental backups finish. First Cycle is complete when next Full backup completes. Next backups finish. Cycle is complete after next Full completes. Oldest Cycle expires. FS IS IM FT IW IT FF 2 21 1 11 Cycles example NetApp Confidential – Limited Use
    • 72. Retention continued  Using full backups only  Criteria:  Schedule: daily full + hourly fulls  Keep 10 daily fulls on primary array  Keep 23 hourly fulls on primary array  SnapVault once per day  Keep 30 daily fulls on vault array  Keep a year of weekly fulls on vault array  Use two backup sets, two subclients, and two storage policies to set this up 72 Use case example 1 NetApp Confidential – Limited Use
    • 73. Retention continued  Backup set A  Configure subclient A and create a daily full schedule  This subclient is associated with storage policy A  Backup set B  Configure subclient B and create an hourly full schedule  This subclient is associated with storage policy B  Storage policy A  Configure retention as follows – Primary(Snap) basic retention – retain all backups for 0 days, 10 cycles – Vault basic retention – retain all backups for 0 days, 30 cycles – Vault extended retention – retain weekly fulls for 365 days  Storage policy B  Configure retention as follows – Primary(Snap) basic retention – retain all backups for 23 cycles 73 Use case example 1 NetApp Confidential – Limited Use
    • 74. Retention continued 74  Storage policy A  Storage policy B Primary(Snap) copy Vault copy Primary(Snap) copy Use case example 1 NetApp Confidential – Limited Use
    • 75. Retention continued  Using full and incremental backups  Criteria:  Schedule: daily full + hourly incrementals  Keep 7 days of backups on primary array  SnapVault once per day  Keep 30 daily fulls on vault array  Keep a year of weekly fulls on vault array  Use one backup set, one subclient, and one storage policy to set this up 75 Use case example 2 NetApp Confidential – Limited Use
    • 76. Retention continued  Backup set A  Configure subclient A and create a daily full schedule as well as an hourly incremental schedule  This subclient is associated with storage policy A  Storage policy A  Configure retention as follows – Primary(Snap) basic retention – retain all backups for 7 days, 7 cycles – Vault basic retention – retain all backups for 1 day (see notes) – Vault extended retention – retain 30 daily fulls (or 29 if you consider the one from basic retention) – Vault extended retention – retain weekly fulls for 365 days 76 Use case example 2 NetApp Confidential – Limited Use
    • 77. Retention continued 77  Storage policy A Primary(Snap) copy Vault copy Use case example 2 NetApp Confidential – Limited Use
    • 78. Role Based Security  Integration with Active Directory  Limit users to specific objects and capabilities  Limit user views 78NetApp Confidential – Limited Use
    • 79. vFiler Support  Cannot replicate to a vFiler (mirror or vault)  Indexing of source vFiler volume (NAS iDA) requires Data ONTAP 8.1.1 +  Mirroring of source vFiler requires option „vfiler.vol_clone_zapi_allow” 79NetApp Confidential – Limited Use
    • 80. Import Tool  Import tool creates NetApp clients, NAS subclients, and storage policies for existing OnCommand relationships  Imports non-application datasets (import tool is for NAS only)  Imports external relationships except: – QSM relationships – Volume SnapVault relationships – Fan-out relationships – OSSV relationships  Registers Snapshot copies for primary array  Creates XML file which can be edited before final import  Import does not preserve any throttle settings  Does not import schedules, jobs, or Snapshot copies of external relationships  Location… <Install Dir>BaseSnapProtectImport.exe 80NetApp Confidential – Limited Use
    • 81. 81 V10 SP2B UPDATE NetApp Confidential – Limited Use
    • 82. Database Cloning ( SQL and Oracle )  Leverages NetApp FlexClone and Snapshot capabilities to clone application consistent SQL / Oracle Databases  Cloned Databases are application consistent and the cloning activity can be performed from SnapProtect management console  Database Cloning ( SQL and Oracle ) can be performed only on full backups  Cloned Databases can be attached to the same or any other SQL / Oracle Server  Cloned Databases can be used to perform Test/Dev, Analytics 82NetApp Confidential – Limited Use
    • 83. Database Cloning ( SQL and Oracle )  Cloned Databases reserved based on the reservation period specified  Use Case – Customer wants to create an application consistent clone of SQL/Oracle Database and wants to perform Test/Dev activities on that clone. Customer can use an existing full backup or create a new full backup of the SQL/Oracle Database. The customer can then leverage the SnapProtect Database Cloning feature and use the full backup to create an application consistent clone of SQL/Oracle database and perform Test/Dev activities on that clone 83NetApp Confidential – Limited Use
    • 84. Database Cloning ( SQL and Oracle ) 84NetApp Confidential - Internal Use Only
    • 85. Database Cloning ( SQL and Oracle ) 85NetApp Confidential - Internal Use Only
    • 86. Multithreaded VSA  Prior to V10 SP2B version of SnapProtect, users could take application consistent VMware backup of one VM at a time ( serial basis )  Starting V10 SP2B, users can take application consistent VMware backups of multiple VMs in parallel – Enables faster VMware backups – Control the number of VMs to be parallelized by using the following registry key settings  VwSnapThreadCount - Controls the maximum number of concurrent software snapshot operations  VwDatastoreSnapThreadCount – Controls the maximum number of concurrent software snapshot operations on a datastore – Keep the following factors in mind when using the “VwSnapThreadCount” and “VwDatastoreSnapThreadCount” registry keys – How busy ( IOPS ) are your VMs that need to be protected (backed up) – Number of VMs that are protected in a single job – Performance of the storage containing the VMDKs – Layout of the datastores (Engage Professional Services to evaluate the above factors and architect the Multithreaded VSA feature in SnapProtect accordingly) 86NetApp Confidential – Limited Use
    • 87. Multithreaded VSA 87NetApp Confidential – Limited Use
    • 88. Multithreaded VSA 88NetApp Confidential – Limited Use
    • 89. Multithreaded VSA 89NetApp Confidential – Limited Use
    • 90. Deferred Indexing ( By Time and Location )  Allows users to defer indexing operation at a later time  Eliminates the impact of indexing on production activities  Enables decoupling of indexing and backup schedules  Option to specify primary or secondary (vault and mirror) Snapshot copy for indexing operation  Catalog browse and search capability available once indexing operation is complete 90NetApp Confidential – Limited Use
    • 91. Deferred Indexing ( By Time and Location )  Use Case – Customer has millions of files as the contents of the volume on the primary which causes indexing to take a long time. Customer wants to decouple backup and indexing schedules i.e run the backup job first and perform indexing operation at a later time on the secondary. Deferred Indexing allows customers to perform indexing on secondary after backup job has completed. This will result in backup jobs finishing quickly and the indexing operation can be run at a later time. 91NetApp Confidential – Limited Use
    • 92. Deferred Indexing ( By Time and Location ) 92NetApp Confidential - Internal Use Only
    • 93. NAS Live Browse  Allows users to browse and restore NAS data directly from snapshot without the need to catalog  Option to use either Primary or Secondary ( vault and mirror ) Snapshot copy for browsing and restoring NAS data  Also called “Browse From Snapshot” 93NetApp Confidential – Limited Use
    • 94. NAS Live Browse  Use Case – Customer wants to have the ability to do file level restores on NAS data but does not feel the need to spend time cataloging the data. NAS Live Browse feature gives customers the ability to perform file level restores on NAS data without cataloging data. 94NetApp Confidential – Limited Use
    • 95. NAS Live Browse 95NetApp Confidential - Internal Use Only
    • 96. Selective Copy  Allows users to select only a particular primary Snapshot copy that can be used to perform the vault operation based on the rules specified  Applicable for full backups only  Applicable for vault operation only ( not mirror )  Use Case – Customer wants to perform vault operation only on the first full backup in every week. If the week starts on Friday, the first full backup performed on or after Friday will be selected for the vault operation 96NetApp Confidential – Limited Use
    • 97. Selective Copy 97NetApp Confidential – Limited Use
    • 98. Extended Retention  Allows users to retain specific full backups for a longer period of time in addition to the basic retention period  Applicable for full backups only  Allow users to define up to three additional "extended" retention periods for full backups. Example – You may want to retain your weekly full backups for 30 days. – You may want to retain your monthly full backup for 90 days. – You may want to retain your yearly full backup for 365 days. 98NetApp Confidential – Limited Use
    • 99. Extended Retention  Use Case – Customer has basic retention period of 14 days, 2 cycles on the Primary snap. Customer has a business requirement to extend the retention of monthly full backups for 1 year. Using the Extended Retention feature, customer can extend the retention of one full backup per month for 1 year. 99NetApp Confidential – Limited Use
    • 100. Extended Retention 100NetApp Confidential – Limited Use
    • 101. VMware Datastore Exclude  Allows users to exclude certain datastores from VMware backup  Datastores excluded by using the “Filters” tab under “Properties” section of VMware subclient  Use Case – There is a virtual machine VM1 with a OS on DataStore1, Program File information on ESX_DataStore, and other data ( page files, application agent protected by other IDAs, etc) on DataStore2 and DataStore3. Customer wants to exclude DataStore2 and DataStore3 but wants to include DataStore1 and ESX_DataStore during backup of VM1 101NetApp Confidential – Limited Use
    • 102. VMware Datastore Exclude 102NetApp Confidential – Limited Use
    • 103. VMware Datastore Exclude 103NetApp Confidential – Limited Use
    • 104. VMware Datastore Exclude 104NetApp Confidential – Limited Use
    • 105. BLI For SMTape  Prior to V10 SP2B, SnapProtect only supported block level full backups to Tape when using SMTape  Starting V10 SP2B, SnapProtect now supports block level incremental backups in addition to block level full backups to Tape when using SMTape  Use Case – Customer does not have enough bandwidth to perform Mirror operations over the wire. By using SMTape ( SnapMirror to Tape ), customers can perform full and incremental backups to tape, ship tapes to the secondary location, read from those tapes and seed the mirror relationship with the primary 105NetApp Confidential – Limited Use
    • 106. Oracle and Lotus Notes Support on Windows  SnapProtect now supports Backup for Oracle (10g and 11g ) and Lotus Notes ( 8.0.x and 8.5.x) on Windows – Refer to SnapProtect IMT for more information 106NetApp Confidential – Limited Use
    • 107. Vserver Aware NDMP Backups To Tape in Clustered Data ONTAP 8.2  SnapProtect now supports Vserver aware NDMP backups to tape starting clustered Data ONTAP 8.2  Use Case – Customer has a 4 node cluster and a Vserver that spans across all the 4 nodes. Customer is using clustered Data ONTAP 8.2 and using NDMP to backup data from a volume1 on node1 to a tape device. Customer feels the need to move volume1 from node1 to node2 within the same Vserver for load balancing purposes. When the volume is moved to node2 within the same Vserver, the process is completely transparent to the user and has no impact on the existing NDMP backup to tape and the customer can continue to perform NDMP backups to tape as usual 107NetApp Confidential – Limited Use
    • 108. 108 Deployment Tips NetApp Confidential – Limited Use
    • 109. Installation Tips  A temporary license is built into the product  Installing the software cache allows for push- install of client binaries from the CommServe  To update the software cache for other platforms or service packs use the „CopyToCache‟ executable  Prepare a locations for indexes and DR backups (NetApp storage) – Create disk libraries for each of these, but create the one for DR backups first! 109NetApp Confidential – Limited Use
    • 110. Configuration – General  Add all NetApp arrays and OnCommand servers into the array management control panel  Add NetApp arrays into OnCommand using the NetApp Management Console  Create secondary resource pools using the NetApp Management Console  Proper hostname resolution between all systems is key to success 110NetApp Confidential – Limited Use
    • 111. Configuration – General continued  Array credentials and NDMP credentials – OnCommand and SnapProtect™ require both array credentials and NDMP credentials  For array credentials in SnapProtect: – A non-root user can be used1 NetApp1> useradmin role add snapprotectrole -c ”SnapProtect Management Role" -a login- ndmp,login-http-admin,api-* NetApp1> useradmin group add snapprotectgroup -c ”SnapProtect Management Group" –r snapprotectrole NetApp1> useradmin user add snapprotectuser -c ”SnapProtect Management Account" -n ”S Admin" –g snapprotectgroup – The same user can be used for NDMP credentials by using the encrypted password NetApp1> ndmpd password snapprotectuser 111NetApp Confidential – Limited Use
    • 112. Configuration – General continued  DR backups for SnapProtect™ and OnCommand – Protect SnapProtect catalog database – Protect OnCommand database  SnapProtect DR backups – DR backups are two-phase:  Export phase uses local disk or network drive  Backup phase uses CommServeDR storage policy to push to tape or disk 112NetApp Confidential – Limited Use
    • 113. Configuration – General continued  OnCommand database backups – Two modes:  Archive: Slower but creates portable zip  Snapshot: Fast but not portable; requires SnapDrive®  Run SnapProtect™ DR backup first, then OnCommand database backups1 113NetApp Confidential – Limited Use
    • 114. Configuration – General continued 114 C:Program FilesNetAppSnapProtectCommserveDR /vol/CSDBExport/vol/CSDBBackup CommServe 1 2 3 NetApp Confidential – Limited Use Configuring DR Backups
    • 115. Configuration – General continued 115 CommServe I:SharedIndexPri S:SharedIndexSec /vol/SharedIndexPri /vol/SharedIndexSec VSA MediaAgent Other MediaAgents I:SharedIndexPri S:SharedIndexSec I:SharedIndexPri S:SharedIndexSec VSA MediaAgent Other MediaAgents I:SharedIndexPri S:SharedIndexSec I:SharedIndexPri S:SharedIndexSec 2 Disk Libraries SharedIndexPri SharedIndexSec SharedIndexPri SharedIndexSec NetApp Confidential – Limited Use Configuring Index Locations
    • 116. Configuration – NAS  Add NetApp primary array as client  Create storage policy and subclient as needed 116NetApp Confidential – Limited Use
    • 117. Configuration – VMware  Create a VM to act as a Media Agent running the Virtual Server Agent (VSA)  Create a VMware instance (right click the Virtual Server iDA) 117NetApp Confidential – Limited Use
    • 118. Configuration – VMware continued  VSA subclients – Subclients will contain either individual VMs or discovery-based objects – Associate subclients with storage policies 118 Subclient MediaAgent (VSA) WinVM1 WinVM2 WinVM3 Backup Set (Individual VMs) Subclient MediaAgent (VSA) Datastore1 Datastore2 Datastore3 Backup Set (Datastore Affinity) Subclient MediaAgent (VSA) vAPP1 vAPP2 vAPP3 Backup Set (vAPP Affinity) Enable discovery rules in the properties of the backup set Index Windows VM contents by enabling granular recovery option NetApp Confidential – Limited Use
    • 119. Configuration – VMware continued  Restore individual VM files to a staging area – Nothing required to be installed in the VM – Use local disk or UNC path during restore  Use “impersonate user” setting when restoring to UNC path to set network credentials  Restoring individual files back into a VM – Some agents needed inside the VM  Windows File System iDA  Virtual Server Agent (VSA) for Windows file restores 119 SnapProtect Agents Windows File System iDA Virtual Server Agent (VSA) WinVM1 Windowsonly! NetApp Confidential – Limited Use Restoring individual files
    • 120. Configuration – VMware continued  Protecting Exchange or SQL Server running inside a VM using Virtual Server Agent – Exchange / SQL Server must live in VMDKs – Uses VSS for app consistency – Exchange allows for log truncation – Some binaries needed inside the VM  The Windows File System iDA and VSS Provider are required  The VSA allows file restores directly back to the VM  Snap Mining1 as well as the Exchange Offline Mining Tool2 allow for Exchange message level recovery 120 SnapProtect Agents Windows File System iDA Virtual Server Agent (VSA) VSS Provider Exchange Offline Mining Tool2 ExchVM1 NetApp Confidential – Limited Use
    • 121. Configuration – VMware continued Goal File System iDA VSS Provider VSA Restore entire VM Not required Not required Not required Granular indexing Not required Not required Not required Restore to staging area Not required Not required Not required Restore files back to VM ✔ Not required ✔ Protect Exchange or SQL in VM ✔ ✔ Not required 121  Windows VMs – What needs to be installed in the guest VM? Required Components NetApp Confidential – Limited Use
    • 122. Configuration – VMware continued  Several discovery options for VMware  Be careful not to fall into the replication pitfalls  Use the volume as a boundary – Protect everything in the volume with a single subclient  This means all contents must have same schedule and retention  Example below is not ideal 122 NetApp® Primary Volume Subclient 1 Subclient 2 Storage Policies with Mirror/Vault copy Subclient 3 vApp1 vApp2 vApp3 vApp1 vApp2 vApp3 vApp1 vApp2 vApp3 vApp1 vApp2 vApp3 Example:differentschedule andretentionrequirementsDiscovery NetApp Confidential – Limited Use
    • 123. Configuration – VMware continued  Several discovery options for VMware  Be careful not to fall into the replication pitfalls  Use the volume as a boundary – Protect everything in the volume with a single subclient  This means all contents must have same schedule and retention  Example below is better 123 NetApp® Primary Volume Subclient 1 Storage Policy with Mirror/Vault copy vApp1 vApp2 vApp3 vApp1 vApp2 vApp3 Example:sameschedule andretentionrequirementsDiscovery NetApp Confidential – Limited Use
    • 124. Configuration – VMware continued  The media agent (VSA) must have access to the private storage network  Add the public and private interface names for the primary array into the “Array Management” control panel in SnapProtect 124 Private Storage Networks NetApp Confidential – Limited Use Private Storage Network Public Network Media Agent ESX Server Primary Array Secondary Array 192.168.0.1 10.61.0.1 CommServe OnCommand Server 10.61.0.2 10.61.0.3 10.61.0.5 10.61.0.4 10.61.0.6 192.168.0.2 192.168.0.3 See slide notes for more detail.
    • 125. Configuration – Applications  SnapProtect client (the app server) needs the following binaries installed  File System iDA (Windows, Linux, etc)  Application agent (Exchange, Oracle, etc)  VSS Provider (Windows)  MediaAgent  Backups are then configured using the particular application iDA for the client 125NetApp Confidential – Limited Use Note: SQL does a streaming log backup. Other database apps use Snapshot copies for log backups.
    • 126. Proxy based backups for Exchange  Installation of the Exchange management tools on the proxy is required.  When to use a proxy server: – Performing integrity checks on Exchange 2010 DAG subclients – Exchange server has a multiple huge databases with 1000s of users – Offload the indexing of contents to the proxy server – Do not want to directly involve the Exchange server in any kind of backup/restore operations 126NetApp Confidential - Internal Use Only
    • 127.  D2D replication is configured within the storage policy (right click storage policy  create new snapshot copy)  Copy dependencies within the storage policy define the replication options  A vault-to-vault option is not supported Configuration – Replication 127 Primary(Snap) Mirror Copy Primary(Snap) Vault Copy Storage PolicyStorage Policy Primary(Snap) Mirror Copy Storage Policy Vault Copy Primary(Snap) Vault Copy Storage Policy Mirror Copy Primary(Snap) Mirror Copy Storage Policy Mirror Copy Note: The arrows ( ) point to the source copy for each of the copies in the storage policy. This illustrates the source dependency, not the direction of the data flow. Vault Mirror Mirror then Vault Vault then Mirror Mirror then Mirror NetApp Confidential – Limited Use
    • 128. Configuration – Replication continued 128 Primary(Snap) Mirror Copy Storage Policy Vault Copy Primary(Snap) Mirror Copy Storage Policy Vault Copy Vault Copy Primary(Snap) Mirror Copy Storage Policy Mirror Copy Primary(Snap) Mirror Copy Storage Policy Mirror Copy Vault Copy Note: The arrows ( ) point to the source copy for each of the copies in the storage policy. This illustrates the source dependency, not the direction of the data flow. Mirror and Vault Mirror and Mirror Mirror then Vault, and Vault Mirror then Vault, and Mirror NetApp Confidential – Limited Use
    • 129. Configuration – Replication continued  Understand where your data is  Multiple subclients for a single volume can cause unwanted replication in some cases  Example below is not ideal 129 NetApp® Primary Volume F: F: F: LunA LunB LunC LunA LunB LunC Subclient 1 Subclient 2 Storage Policy with Mirror/Vault copy LunA Subclient 3 LunB LunC LunA LunB LunC Hosts with LUN Connectivity NetApp Confidential – Limited Use
    • 130. Configuration – Replication continued  Understand where your data is  Multiple subclients for a single volume can cause unwanted replication in some cases  Example below is better 130 F: F: Subclient 3 LunC LunB Subclient 1 Subclient 2 Subclient 3 LunA LunB LunC F: LunA Hosts with LUN Connectivity Storage Policy with Mirror/Vault copy NetApp Confidential – Limited Use
    • 131. Configuration – Replication continued  Configure replication for a storage policy – Right click the storage policy  All tasks  Create New Snapshot Copy  Give the copy a name (such as “Vault Copy”)  Populate the index destination criteria  Select the protection type  For vault copies, work through the retention tab  On the copy policy tab, select the source for the copy  On the provisioning tab, select the provisioning policy and resource pool to be used for the destination 131NetApp Confidential – Limited Use
    • 132. Configuration – Replication continued  Modify the copy precedence definitions for the storage policy – Right click the storage policy  Properties  Under the Copy Precedence tab, set the precedence  Move “Primary(Classic)” to the last position 132NetApp Confidential – Limited Use
    • 133. Configuration – Replication continued  The copy precedence definitions are important when restoring from replicated copies – In advanced browse options, “Browse from copy precedence” indicates which copy to restore from  Copy 2, in this example, would be the vault copy 133NetApp Confidential – Limited Use
    • 134. Configuration – Tape Copies  Tape copies are managed by storage policies  For NDMP / SMTape the source array needs to be a client to establish NDMP credentials  First you will need add the tape library using the “Library & Drive Configuration” utility  Next, in the properties of the storage policy under the Snapshot tab – Enable backup copy – Modify selection rules (such as weekly fulls) – Specify source for backup copy 134NetApp Confidential – Limited Use
    • 135. Configuration – Tape Copies continued  Storage policy properties 135NetApp Confidential – Limited Use
    • 136. Configuration – Tape Copies continued  Create a new backup copy – Right click the storage policy  All tasks  Create New Copy  Give the copy a name (such as “Tape Copy”)  Populate the destination criteria  Adjust the retention  Click OK – Right click the new backup copy  Properties  On the General tab, set as Primary Copy  Click OK – Delete the “Primary(Classic)” copy 136NetApp Confidential – Limited Use
    • 137. Configuration – Tape Copies continued  Creating the backup copy – Note: the Primary Copy box is available after you create the copy and then view properties afterwards 137NetApp Confidential – Limited Use
    • 138. Configuration – Tape Copies continued  Check the storage policy properties and make sure the copy precedence numbers are set appropriately 138NetApp Confidential – Limited Use
    • 139. Configuration – Tape Copies continued  To run a manual tape job – Right click the storage policy  All Tasks  Run Backup Copy 139NetApp Confidential – Limited Use
    • 140. Configuration – Schedule Policies  Right click Schedule Policies  Add – Give the policy a name (such as “NAS Schedule Policy”) – For Type choose Data Protection – For Agent Type select the specific type of agent (such as NAS NDMP, Virtual Server, etc) 140NetApp Confidential – Limited Use – Use the Add button to add schedules to the policy such as  “Weekly Full”  “Daily Incr” Backup (local snapshot) Vault Copy Primary Snap
    • 141. Configuration – Schedule Policies continued  On the Associations tab, select the NetApp clients and subclients to be associated with this schedule policy  Click OK to save 141NetApp Confidential – Limited Use Backup (local snapshot) Vault Copy Primary Snap
    • 142. Configuration – Schedule Policies  Right click Schedule Policies  Add – Give the policy a name (such as “NAS Vault Schedule Policy”) – For Type choose Auxiliary Copy 142NetApp Confidential – Limited Use – Use the Add button to add schedules to the policy such as  “Daily Vault” Replication (disk-to-disk) Vault Copy Primary Snap
    • 143. Configuration – Schedule Policies continued  On the Associations tab, select the storage policy to be associated with this schedule policy  Click OK to save 143NetApp Confidential – Limited Use Replication (disk-to-disk) Vault Copy Primary Snap
    • 144. Configuration – Schedule Policies  Right click Schedule Policies  Add – Give the policy a name (such as “NAS Tape Schedule Policy”) – For Type choose Backup Copy 144NetApp Confidential – Limited Use – Use the Add button to add schedules to the policy such as  “Weekly Tape” Tape copy Vault Copy Primary Snap
    • 145. Configuration – Schedule Policies continued  On the Associations tab, select the storage policies to be associated with this schedule policy  Click OK to save 145NetApp Confidential – Limited Use Tape copy Vault Copy Primary Snap
    • 146. 146 Limitations NetApp Confidential – Limited Use
    • 147. Limitations General  Doing hourly and daily backups is not straight forward because basic retention rules don‟t allow hourly and daily retention. – You could create multiple backup sets, but applications don‟t allow multiple backup sets – Alternative is to introduce incremental backups – Must consider the number of Snapshot® copies when doing incremental backups  Throttling capabilities are currently lacking. Using the global replication throttle in Data ONTAP® might be preferable until this is improved.  NAS backups index uses SnapDiff. Performance could be problematic for volumes with many objects. Incremental backups help alleviate this.1 147NetApp Confidential – Limited Use
    • 148. Limitations General  Indexing operations are done only on the primary today  Application verifications are done only on primary storage today  There is no option to perform crash consistent backups for any of the applications (including VMware®); All backups will be consistent  The root volume (typically vol0) cannot be vaulted or mirrored using SnapProtect because the root volume does not allow for FlexClone. Avoid protecting the root volume with SnapProtect. 148NetApp Confidential – Limited Use
    • 149. Limitations General  We only support NetApp disk, so any disk libraries that are used for backup-to-disk must point to NetApp storage; Nothing prevents non-NetApp storage from being used for disk libraries, but it‟s not supported (non-NetApp VTL is fine)  No intelligent cloning for applications  SnapProtect cannot manage NetApp data compression (OnCommand limitation) – Compression would need to be enabled manually  NAS data that contains filenames / directory names with non-ASCII characters causes errors within SnapDiff which cause SnapProtect backups to fail. 149NetApp Confidential – Limited Use
    • 150. Limitations General  To improve SnapDiff performance for indexing NAS data, the convert_ucode flag should be enabled for the volume. Ideally this should be done prior to any data or snapshots being created on the volume. (BURT 533349) 150NetApp Confidential – Limited Use
    • 151. Limitations General  Renaming volumes and updating datasets from within SnapProtect is not currently supported.  Searching for all versions of files that have been backed up is not currently supported. 151NetApp Confidential - Internal Use Only
    • 152. Limitations Replication  A replication job cannot be updated more frequently than its source job – Example: If SnapProtect™ creates hourly Snapshot copies on the primary, you cannot update SnapMirror® every 15 minutes. You can schedule it, but the job will say there is nothing to do.  There is a serious bug related to restoring a vaulted qtree that has been removed (BURT 570835) 152NetApp Confidential – Limited Use
    • 153. Limitations VMware  There is no way to perform a “crash consistent” backup of VMs using the Virtual Server Agent. All VMware backups create VMware snapshots prior to the NetApp snapshot  Only Windows VMs can be indexed for single file restore from the snapshot copy. Linux VMs do not have this same functionality. 153NetApp Confidential – Limited Use
    • 154. Limitations VMware  VMware indexing and single file restore from snapshot can only be done for Windows VMs – Linux can only be indexed for single file restore when streamed to tape or disk (not from snapshot) and only when for ext3 154NetApp Confidential – Limited Use
    • 155. Limitations VMware  The VMware Raw Device Mapping (RDM) support includes the following limitations: – RDM data cannot be protected using the Virtual Server Agent (VSA). RDM data can only be protected using a file system or application agent within the guest operating system – RDM can only be configured in physical compatibility modes. Virtual compatibility modes are not supported. – Only RDM iSCSI protocols are supported. Fibre Channel protocols are not supported. – Client must establish iSCSI connection from client to NetApp array as a communications link for creating a Snapshot copy. Data path links are not supported. – Only client direct attached iSCSI is supported. 155NetApp Confidential - Internal Use Only
    • 156. 156 Log Management NetApp Confidential – Limited Use
    • 157. Log management  Log files provide detailed information about the jobs that are running or completed in the console.  Log files can be sent for review via: – CommCell Console – Remote web-based applications – Command line – Upload to a FTP server  Default max size of log files is 5 MB.  Using Process manager user can change the debug level, log file size and log file count 157NetApp Confidential - Internal Use Only
    • 158. Log management - contd  There are 5 types of log files that are generated for a job. These are: – CVD.log – EvMgrS.log – JobManager.log – MediaManager.log – CVMA.log  The View Log Files feature allows you to view log files from the CommCell Console for any of the following: – A CommServe, MediaAgent, or client. – An active job in the Job Controller. – A job in a job history window. 158NetApp Confidential - Internal Use Only
    • 159. 159 Resources NetApp Confidential – Limited Use
    • 160. Resources Support and Requirements information  Interoperability Matrix Tool  SnapProtect Hardware Compatibility Matrix  SnapProtect Documentation  NetApp FAS Direct Attached Tape Drive / Library Support 160NetApp Confidential – Limited Use
    • 161. Resources  www.netapp.com – TR-3920 SnapProtect Overview and Design Considerations – Infomercial  Field Portal – Technical FAQ – Sales FAQ – SE Training Presentation – Recorded Demo  Now Site – Books Online  NetApp Communities  xdl-snapprotect@netapp.com 161NetApp Confidential – Limited Use
    • 162. Resources continued  Lab On Demand  ESG Report 162NetApp Confidential – Limited Use
    • 163. Resources continued NetApp-U Courses  ABCs of SnapProtect Management Software  Technical Overview of the SnapProtect Management Solution  Technical Positioning of the SnapProtect Solution  Architecting the SnapProtect Solution  Planning and Installing the SnapProtect Solution  Operating and Troubleshooting the SnapProtect Solution 163NetApp Confidential – Limited Use
    • 164. 164 Appendix NetApp Confidential – Limited Use
    • 165. OSSV Plug-in Overview  OSSV-style (block-level-incremental) backup of local file system data on non-NetApp storage to NetApp FAS – Windows – Linux – Solaris  Managed by the SnapProtect console  “Live browse” OSSV snapshots for restore – Restore from SnapProtect console – Restore from OSSV client  Cataloged OSSV NDMP tape backups  Supports pre & post backup scripts 165NetApp Confidential - Internal Use Only
    • 166. OSSV Plug-in continued 166NetApp Confidential - Internal Use Only C: SysState F:Data Windows SnapProtect OSSV Plug-in Steamed backup (File System iDA) G:App SnapProtect Snapshots / /data /app 3rd party backup app SnapProtect Snapshots Linux / Solaris OSSV Plug-in Traditional backup Use Cases  NetApp hosted application data is protected via SnapProtect Snapshot backup  Windows OS and local file systems protected via OSSV plug-in  Windows System State protected with traditional backup-to-disk via SnapProtect  Linux / Solaris local file systems protected via OSSV plug-in  Linux / Solaris OS partitions protected via 3rd party backup application OSSV Destination OSSV Destination Backup-to-Disk (CIFS) Application Production Volume Application Production Volume
    • 167. OSSV Plug-in continued Things to know  The OSSV plug-in does not perform indexing of backups; backup data is selected for restore via “live-browse” approach  The OSSV plug-in does not support replication of the backup data (SnapMirror / SnapVault)  The OSSV plug-in does not provision secondary storage; secondary volumes must be created manually  No application support  The OSSV plug-in solution consists of the following – OSSV binaries (must install on each client first) – OSSV plug-in (can push-install from SnapProtect)  OSSV 3.0.1 P4 is required; included on SnapProtect 9.0 SP6a ISO 167NetApp Confidential - Internal Use Only
    • 168. Preferred Network for Replication  The following is a copy/paste from TR-3710 168NetApp Confidential - Internal Use Only
    • 169. 169NetApp Confidential – Limited Use