5. Solution Overview continued
5
Designed for use with
NetApp storage
NetApp Snapshots and
replication for speed
NetApp storage efficiency
for cost control
Initially for FAS / V-Series
primary storage
NetApp Confidential – Limited Use
6. Solution Overview continued
6
OEM of a portion of
CommVault software
NetApp branded management console
(CommCell Console)
File system & application agents (iDAs)
Snapshot backup functionality
(SnapProtect)
– NetApp specific control
– NetApp Snapshot copies
– NetApp SnapVault and async SnapMirror
Packaging only available from NetApp
NetApp Confidential – Limited Use
7. Solution Overview continued
7
NetApp
Snapshots
Thin replication
NetApp Storage Efficiency
Tape
Support
Unified granular restores from Snapshots, SnapVault or Tape
Tape Support
Centralized Management
Backup
Catalog
MS/ SQL
SharePoint
VMware
Application Awareness
Exchange
Oracle DB2 SAP
NAS File
Services
Files on NAS,
host mount LUNs,
or VMDKs Hyper-V
Multi-tiered Backup and DR
NetApp Confidential – Limited Use
8. Solution Overview continued
8
Automated provisioning of secondary storage
for disk-to-disk replication operations
No guesswork
Simply replicate to OnCommand resource pools
?
Resource Pools
NetApp Confidential – Limited Use
9. Solution Overview continued
SnapProtect
Server
Tape Library
Virtualization
SnapVault
SnapMirror
Indexing
Secondary Storage
Provisioning
Tape Copy
Management
App-Consistent
Snapshot Copies
Replicated
Snapshot
Copies
1. Data is quiesced and protected
via Snapshot® copies
2. Snapshot copies and clones
used to access data for indexing
3. OnCommand handles provisioning of
secondary storage, using resource pools and
provisioning policies for replication
4. D2D replication with SnapVault®
and/or SnapMirror®
5. D2D2T with SnapProtect™
movement to tape
Generally
speaking… OnCommand
Server
App Data
NAS Data
9NetApp Confidential – Limited Use
10. Position based on data protection workflows
SnapManagers,
VSC,
SnapCreator
Recovery for App/VI
Administators
Backup Management
of Entire Environment
SnapProtect™
Integration with Existing
Backup Infrastructure
• App. Protection &
Recovery
• DR with tight RPO
• Production Test/Dev
• Short term retention
• NetApp-to-NetApp (N2N)
• D2D2T Backup
• Long term retention
• Centralized Management
(DR, BR)
• Catalog, Tape
• N2N, Any2NetApp
(future)
• Modernize & accelerate
backup with NetApp
Snapshot copies
•Symantec NetBackup RD
•CommVault Simpana
•IBM TSM
•Syncsort
Backup
Admin
Backup
Admin
App/VI/Sys
Admin
11. Pricing Model
11
Controller-based pricing model
– Licensed on primary controller by tier or platform
– No additional cost if capacity managed changes
– You do not need to license secondary storage
Simple all-inclusive license
– Management console, Media agents and Tape
– All application and virtualization agents
– Temporary license built into the product
NOT included in Premium
or any other bundle
NetApp Confidential – Limited Use
12. SnapProtect Ordering
Quote Tool
– SnapProtect is on the system menus in the Quote Tool
– Significantly reduced pricing for SnapProtect at Point of Sale for
select platforms (Selecting SnapProtect automatically selects
Premium Bundle)
Benefit
– Better value to customers
– Simplified ordering with SnapProtect on system menus
There are two license keys for SnapProtect
– The SnapProtect software license key for Data Ontap
– The SnapProtect Management Server (CommServe license)
license key
12NetApp Confidential – Limited Use
13. SnapProtect Ordering continued
Product description: SnapProtect on system menus i.e. controller based part
number setup for SnapProtect
New structure in Quote Tool:
– Configured: SnapProtect has Premium bundle mandatory (for FAS2000
channel, FAS3100 NTAP select channel, FAS3200, FAS6200).
– For FAS3100/6000 platforms where Complete bundle is not available,
SnapProtect is sold at add-on price (and no Complete Bundle dependency).
8.0.x will not be available configured.
– Supported in 7 mode 7.3.6+, cDOT 8.0.2+
– Host based “SnapProtect Management Server” product and SSP (at 18%) to
get “CCID”
Add-on SnapProtect is orderable on its own for all controllers
Other changes:
– Licensing : An ONTAP license slot will be used to generate key
13NetApp Confidential – Limited Use
14. Where to License SnapProtect
14
DR Site
Primary Data Center
MetroCluster
SnapProtect
Console
Clone for Dev/Test
SnapMirror
SnapVault
1
1. Always: NetApp primary
2. MetroCluster / HA nodes
3. SnapMirror if SnapProtect
used after failover as primary
2
3
NetApp Confidential – Limited Use
15. Included with License
15
Component Capabilities Include
Management Console (CommCell Console) Coordinating operations (data protection, data
recovery, administration operations, job
management, event management, etc) within a
CommCell and communicating between all
media agents and clients.
Supported Media Agents Transmitting data between clients and backup
media and managing the data stored in the
media
Tape Performing all backups to tape
Supported application agents (iData Agents) Controlling data consistency for all supported
application aware backups
Supported virtualization agents Controlling all aspects of data management in
virtualized environments such as data
protection, replication and reporting.
NetApp Confidential – Limited Use
1. The SnapProtect license is required on controller or controllers that are the
primary storage for the file system or for the application being protected (where the
first snapshot is created).
2. Secondary FAS devices used as SnapMirror or SnapVault destinations do not
require a SnapProtect license.
16. Additional Licenses
16
Component Primary Secondary / Tertiary
Operations Manager /
Protection Manager
Required to manage the solution.
FlexClone Required Required
SnapVault / SnapMirror Appropriate licenses are required for each node based on the
replication strategy.
Protocols: NFS, CIFS,
FCP/FCoE, iSCSI
Appropriate licenses are required based on the protocols
being deployed.
SnapRestore Required Required*
NetApp Confidential – Limited Use
18. Release Payloads - 10.0 SP2B
10.0 SP2B
Database Cloning ( SQL and Oracle )
Multithreaded VSA
Deferred Indexing
NAS Live Browse
Selective Copy
Extended Retention
VMware Datastore Exclude
BLI for SMTape
Oracle and Lotus Notes support on Windows
Vserver Aware NDMP Backups to Tape in Clustered Data ONTAP 8.2
Oracle Log Management / Truncation
– Allows users to delete archive logs
18NetApp Confidential - Internal Use Only
19. Release Payloads - 9.0 SP10
9.0 SP10
SnapProtect now supports backups for Veritas Cluster
File System for HP-UX 11 v2/v3 (PA-RISC and
Itanium)
– Refer to SnapProtect IMT for more information
19NetApp Confidential – Limited Use
20. Release Payloads - 9.0 SP7
9.0 SP7
Support for VMware datastore exclusions
Mechanism to throttle concurrent SnapDiff sessions
20NetApp Confidential - Internal Use Only
21. Release Payloads - 9.0 SP6a
9.0 SP6a
OSSV Plug-in
VMware backup to tape using remote ESX proxy
VMware option to skip file system quiesce
SFSR for VMware VMs that span NFS datastores
21NetApp Confidential - Internal Use Only
22. Release Payloads - 9.0 SP5
9.0 SP5
SFSR (Single File SnapRestore) for NAS
Improvements to SnapDiff for NAS backups allowing for ended
periods between full backups
Job-based snapshot retention
vCenter Plug-In for single file restore from Windows VMs
Single file restore for Windows VMs that span multiple
datastores
“Find” functionality for Windows VMs
SFSR (Single File SnapRestore) for VMDKs on NFS datastores
**for VMs that do not span multiple datastores**
22NetApp Confidential - Internal Use Only
23. Release Payloads - 9.0 SP4
9.0 SP4
“NAS Unlock”
– Ability to NDMP dump from a snapshot that
was not created by SnapProtect
– Ability to NDMP dump without requiring an
existing snapshot
Support for Oracle RAC (UNIX / Linux)
Support for VMs that span multiple datastores
– No single file restore
23NetApp Confidential - Internal Use Only
25. Terminology
25
CommCell – A single instance of a NetApp® SnapProtect™
environment
CommServe – The master server in a SnapProtect
environment. This server uses a Microsoft® SQL Server®
database and therefore must be a Microsoft Windows®
system (Windows Server® 2003 or 2008 R2).
Media agent – A media server in a SnapProtect environment.
Media agents have broader operating system support,
including Windows, Linux®, and UNIX® options.
CommCell Console – The SnapProtect management
interface.
iDataAgents (iDA) – Agents that control data consistency
during backup operations.
NetApp Confidential – Limited Use
26. Terminology continued
26
Clients – Hosts running iDataAgents for which data
will be protected.
Backup set – A layer of management in clients for
grouping subclients.
Subclient – An object that defines what data will be protected
for a given client.
Storage policy – An object that defines how data will be
protected and how long backups will be retained.
Disk library – A storage resource with an associated mount
path that is used in the SnapProtect solution to store index
information for backups.
NetApp Confidential – Limited Use
27. Terminology continued
27
OnCommand server – A server running OnCommand server
software. The OnCommand server and the CommServe
should typically be separate systems.
NetApp Management Console (NMC) – An interface used to
create resource pools and provisioning policies within the
OnCommand framework. The NMC should be installed on a
separate system from the OnCommand server.
NetApp primary – The production NetApp storage array.
NetApp secondary – The secondary NetApp storage array,
used as a destination for replication.
NetApp tertiary – A third NetApp storage array, used for
replicating previously replicated data.
NetApp Confidential – Limited Use
28. Terminology continued
28
Snapshot® copy – A NetApp array-based
point-in-time copy, used for recoverability.
SnapVault. A NetApp® replication
technology, used for backup and recovery.
In the SnapProtect™ solution, a “vault”
copy uses NetApp SnapVault® software.
SnapMirror. A NetApp replication technology
used for disaster recovery. In the
SnapProtect solution, a “mirror” copy uses
NetApp SnapMirror® software.
NetApp Confidential – Limited Use
29. Clustered Data ONTAP Support
SnapProtect has limited support for CDOT
Currently qualified functionality
– NDMP dump
– NDMP dump of existing snapshot
Not supported in CDOT
– Snapshot backups
– D2D replication
29NetApp Confidential - Internal Use Only
30. D2D Replication
30
SnapProtect
Server
App Data
Tape Library
Virtualization
NAS Data
SnapVault
SnapMirror
Content
Indexing
Secondary
Storage
Provisioning
Tape Copy
Management
App-Consistent
Snapshot Copies
Replicated
Snapshot Copies
1. Data is quiesced and
protected via Snapshot®
copies
2. Snapshot copies and
clones used to access data for
indexing
3. DataFabric® Manager handles provisioning
of secondary storage, using resource pools and
provisioning policies for replication
4. D2D replication with SnapVault® and/or
SnapMirror®
5. D2D2T with SnapProtect™ movement to
tape
Generally
speaking…
OnCommand
Server
31. D2D Replication continued
OnCommand terminology
Resource pool
– A logical pool of storage used for provisioning (a group
of aggregates for example)
Provisioning policy
– A policy that defines a set of rules that are enforced
when provisioning storage
OnCommand controls replication
Jobs are passed to OnCommand by
SnapProtect™
SnapProtect controls the schedules and retention
31
The Role of OnCommand
NetApp Confidential – Limited Use
32. D2D Replication continued
Operational requirements
– Resource pools for destination storage must be manually
created in OnCommand
– SnapProtect™ includes several preconfigured
provisioning policies; custom provisioning policies created
in OnCommand are also discovered and made available
to SnapProtect1
The OnCommand server handles provisioning
of secondary storage for replication operations
– Uses resource pools
– Destination volumes are created in resource pools
– Uses provisioning policies
– Secondary volumes are created using these provisioning rules
32
The Role of OnCommand
NetApp Confidential – Limited Use
33. D2D Replication continued
Provisioning policies (preconfigured)
– SnapProtect_RAID_DP
Generic policy with NetApp® RAID-DP® and no
deduplication enabled for the secondary volume (used for
vault replication)
– SnapProtect_Dedupe
Policy with RAID-DP and deduplication enabled on the
secondary volume (used for vault replication)
– SnapProtect_Mirror_Destination
Policy for mirror destinations; mirror destination volumes
inherit the characteristics of the primary volume, including
deduplication
33
The Role of OnCommand
NetApp Confidential – Limited Use
34. D2D Replication continued
NetApp data compression
– SnapProtect cannot enable or manage NetApp
data compression
Limited by lack of compression support in
OnCommand
– Compression must be enabled manually apart
from SnapProtect
– Compression requires Data ONTAP 8.0.1
34
The Role of OnCommand
NetApp Confidential – Limited Use
35. D2D Replication continued
35
Provisioning during baseline
1. Resource pools and
provisioning policies
are assigned in the
SnapProtect™
software for
replication copies.
2. SnapProtect backups initiate
the replication job to
OnCommand. (Schedules
and retention are controlled
by SnapProtect, not
OnCommand)
3. OnCommand builds
datasets based
on the requirement,
provisions the secondary
volumes, and starts the
baseline transfers.
SnapVault®
SnapMirror®
Resource Pools and
Provisioning PoliciesSnapProtect
OnCommand
Dataset A
Dataset B
The Role of OnCommand
NetApp Confidential – Limited Use
37. D2D Replication continued
37
Storage Policies
– What will we do with our data?
Subclients
– What will we be protecting for this client?
Mirror
Copy
Vault
Copy
Primary
Snap
Subclient
Storage Policy
P V MAssociate
Subclient
DataVol1
DataVol2
DataVol3
DataVol4
NetApp Confidential – Limited Use
38. 38
Client
Source Data
Subclient
iDataAgent
Snapshot Copy
Storage Policy
Mirror Copy
Vault Copy
Tape Copy
SnapProtect
OnCommand
Clients own source data
iDataAgents live on clients to
manage that data
Backup sets and subclients group
client data together and are
associated with a storage policy
Storage policies contain various
snap copies (for NetApp® primary
Snapshot® copies and replication
copies)
SnapProtect™ controls the
operations, while OnCommand
manages replication
Backup Set
Backup Workflow
NetApp Confidential – Limited Use
39. Support for NAS Data
SnapProtect simply creates a NetApp Snapshot copy
and indexes the contents
– Indexing uses SnapDiff API
– Indexing is optional for NAS data
– Incremental backups run incremental indexing and
improve indexing performance
The NetApp array is the client
Restore directories, files, qtrees as needed
Create a FlexClone by mounting the backup
Volume revert also available using SnapRestore
Support for SFSR (Single File SnapRestore)
39NetApp Confidential – Limited Use
40. Support for NAS Data continued
40
SnapProtect
Catalog
SnapVault SnapMirror
Backup by creating a Snapshot Copy and indexingReplicate with automated provisioning and catalog awarenessReplicate in cascaded fashionCopy to tape
NAS Data
NetApp Confidential – Limited Use
41. Support for NAS Data continued
SFSR (Single File SnapRestore) support for NAS
– Will automatically attempt SFSR where it can; otherwise
will use normal copy-back
– Only from primary array
– Only used when selecting files (not directories)
41NetApp Confidential – Limited Use
42. Support for NAS Data continued
Improvements to SnapDiff for NAS backups allowing
for extended periods between full backups
– This feature was necessary to enable “job-based
retention”
– When using both full and incremental backups the index
is maintained even if the full is aged off
– It is still a requirement to perform full backups to prevent
the index from growing indefinitely
– To improve SnapDiff performance for indexing NAS data, the
convert_ucode flag should be enabled for the volume. Ideally
this should be done prior to any data or snapshots being
created on the volume. (BURT 533349)
– See also related BURT 544383
42NetApp Confidential – Limited Use
43. Support for LUN Data
SnapProtect™ for LUN data requires a file
system iDA on the client system that is
accessing the LUN
The file system data is quiesced (Windows®
VSS) and a Snapshot® copy of the NetApp®
volume is created
Mirroring and vaulting are supported, as well
as movement to tape
Vaulting uses the SnapProtect created
Snapshot copy for consistent replication1
LUN clones are created and used during
indexing operations
43NetApp Confidential – Limited Use
44. Support for LUN Data continued
44
SnapProtect
Catalog
SnapVault SnapMirror
Backup by creating a Snapshot Copy and indexing of LUN contentsReplicate with automated provisioning and catalog awarenessReplicate in cascaded fashionCopy to tape
LUN Data
Client with
File System iDA
NetApp Confidential – Limited Use
45. Support for Application Data
Microsoft® Exchange (including DAG configs)
Microsoft SQL Server®1
DB2 (UNIX®, Linux®)
Oracle®1 (Windows/UNIX/Linux) including RAC
SAP® on Oracle (UNIX/Linux)
Microsoft SharePoint®
Lotus Notes (Windows)
Each application has its own agent (iDA)
We are NOT using SnapManagers
-Backups are application consistent
45NetApp Confidential – Limited Use
46. Support for Application Data continued
46NetApp Confidential - Internal Use Only
Application iData Agent Restore Granularity
NAS NetApp NAS NDMP iDA qtrees, directories, files1
VMware Virtual Server iDA VMs, VMDKs, files2
Hyper-V Virtual Server iDA VMs, files
SQL Server SQL Server iDA Database, filegroup3
Exchange Exchange Database iDA Information Store, DAG
Object4
Oracle Oracle iDA Database, table
DB2 DB2 iDA Database
SharePoint SQL iDA, SharePoint Server iDA DB, Object5
Active Directory Active Directory iDA Object6
Lotus Notes LN DB iDA, LN Document iDA8 DB, DB+trans logs, Doc9
Application iData Agent Restore Granularity
Exchange Virtual Server iDA VMs, VMDKs, files7
SQL Server Virtual Server iDA VMs, VMDKs, files7
Protection with application agents
Protection with virtualization agent
Be sure to read all footnotes for important details!
47. Support for Application Data continued
47
4PM
6PM
8PM
Managed Log Backups
30 Min Interval
Application
Server
DB & Logs
Log Backups
Database
corruption
at 6:42PM
Point in time
restore
Media
Agent
Full backups
Log backups
Restore from
Snapshot copies
Restore from
log backups for
point in time
NetApp Confidential – Limited Use
Note: Log backups in SQL are done via streaming backup rather
than Snapshot copy.
SQL Server example:
48. Support for VMware
SnapProtect communicates with vSphere via the Virtual Server
Agent (VSA)
The VSA must be installed on a media agent
Takes VMware level snapshots then NetApp snapshot
VM contents can be indexed allowing full VM recovery and
single file recovery (Windows VMs)
– 9.0 SP5 required for indexing VMs that span multiple datastores
Live-browse support for Windows VMs eliminates the need to
index during backup
Linux VMs (ext3) allow single file restore from streamed backup
only (requires LinuxMetadataSupport registry key)
Discovery rules for automatic protection
Virtualized Exchange and SQL Server can be quiesced via VSS
integration during VM backup (when using VMDK for databases)
48NetApp Confidential – Limited Use
49. Support for VMware continued
During indexing, LUN clones are used for LUN
datastores; NetApp® FlexClone® is used for NFS
datastores
Options for full VM restores or single files
– Single file restore is for Windows VM only
Affinity allows new VMs to be protected automatically
Datastore affinity, for example, protects all new VMs for a
particular datastore
Mirroring and vaulting are supported, as well as
movement to tape
Vaulting uses the SnapProtect™ created Snapshot®
copy for consistent replication1
49NetApp Confidential – Limited Use
50. Support for VMware continued
50
SnapProtect
Server
Tape Library
VMware
SnapVault
SnapMirror
Consistent
Snapshot copies
Replicated
Snapshot
Copies
1. VMs are quiesced;
Snapshot® copy is created;
VMs are released
2. For NFS datastores, FlexClone® volumes
are created; for LUN-based datastores, LUN
clones are created; an ESX proxy can be used
to index the contents of the clone for granular
file-level recoverability
3. OnCommand handles provisioning of
secondary storage by using resource pools and
provisioning policies for replication
4. D2D replication with SnapVault® and/or
SnapMirror®
5. D2D2T with SnapProtect™ movement to
tape
ESX Proxy
Indexing
Secondary
Storage
ProvisioningOnCommand
Server
VSA
Tape
Streaming
Through
Media
Agent
NetApp Confidential – Limited Use
ESX
51. Support for VMware continued
VM-level backups
– Supports Exchange and SQL Server®
No support for Exchange DAG
– Exchange / SQL Server must live in VMDKs
– Requires base agent (File System iDA) and the
VSS Provider software1
– VSS integration for database consistency
– Option to perform log truncation during
Exchange backup
– Recover flat database files and use mining
tools for granular recoveries (for example, mail
messages)
51
Virtualized applications using Virtual Server Agent
NetApp Confidential – Limited Use
52. Support for VMware continued
Application backups
– Treat client as a physical host and install client
software as required
– Use appropriate agents for given application
– Application cannot live in a VMDK
Use RDM (see RDM support)
Or use direct attached iSCSI
Oracle agent supports NFS
52
Virtualized applications using application agent
NetApp Confidential – Limited Use
53. Support for VMware continued
RDM Support
– Data in RDMs cannot be protected using the Virtual Server
Agent (VSA)
– To protect data in RDMs you must use a file system agent or
application agent within the guest OS
– RDM must be physical mode (virtual mode not supported)
– RDM must be iSCSI protocol (FC protocol not supported)
– Client will need to establish iSCSI connection from client to
NetApp array as a communications link for creating Snapshot
copy (not as a data path)
Client direct attached iSCSI (instead of RDM) is also
supported
53NetApp Confidential - Internal Use Only
54. Support for VMware continued
vCenter Plug-In
– Available via web console or from vCenter
– Used for single file restore from VM backup
Windows VMs only
Not for whole VM restore
– For whole VM restore use SnapProtect console
54NetApp Confidential – Limited Use
55. Support for VMware continued
SFSR (Single File SnapRestore) for VMDKs
– Accelerated Array based restore of entire Virtual Machine
– Available for all supported virtual machine platforms
– Available when performing whole VM restore
– Available for NFS datastores only
– Available for in-place restore only
– Available when restoring from primary Snapshot copy
– Configuration files also get reverted
– If VM is powered on it will get powered off prior to revert
– SP6a required for VMs that span multiple datastores
To perform SFSR for NFS VMDKs
– Under advanced restore options when restoring VM select “Use
hardware revert capability if available”
55NetApp Confidential – Limited Use
56. Support for VMware continued
Specific VMware datastores can be excluded
from backup / replication (requires 9.0 SP7)
– Typical use case would be to exclude a
datastore dedicated to guest page file data
– Enable via registry key on the media agent
running the Virtual Server Agent (VSA)
PageFileDatastoreFilter
56NetApp Confidential - Internal Use Only
Datastore exclusions
57. Support for VMware continued
By default VMware backups will use the
„quiesce the guest file system‟ option when
creating VMware snapshots
Disable file system quiesce phase with
registry key on the VSA media agent
– VwSkipQuiesceVM
– Requires 9.0 SP6a
57NetApp Confidential - Internal Use Only
Skip file system quiesce
58. Support for VMware continued
58NetApp Confidential - Internal Use Only
When backing up VMware data to tape at a remote site the the
following registry key must be added to the remote VSA proxy to
specify the IP or hostname of the remote proxy ESX server
– sProxyESX (requires 9.0 SP6a or later )
Remote copy to tape
SnapVault or SnapMirror
Media Agent / VSA
(virtual host)
Proxy ESX
Production ESX Remote Proxy ESX
Media Agent / VSA
(virtual host)
Media Agent attached
to library
Registry key goes here
Site A Site B
59. Proxy based backups for VMWare
59NetApp Confidential - Internal Use Only
• Proxy will be used to mount NetApp snapshot copies.
• Offload indexing of VMs to another ESX host.
• Production servers are not taxed for performance.
• Restores can also be performed through a proxy host
60. Support for Hyper-V
The VSA and media agent software must be installed on each
Hyper-V server
VSS is required in order to backup an online Windows VM
Single file restore support for Windows and Linux VMs (EXT3)
No live-browse support
In-place restore of VM requires that you first delete the original
VM
Pass thru disks are not supported
Auto discovery limited to naming convention
60NetApp Confidential – Limited Use
61. Tape Management
61
NDMP dump
– Uses NetApp NAS NDMP iDA
– Contents are indexed
SMTape (Data ONTAP 8.0.1 or later)
– Uses NetApp NAS NDMP iDA
– Contents are NOT indexed
Streaming through media agent
– All other iDAs
– Contents are indexed
NetApp Confidential – Limited Use
62. Tape Management continued
62
NDMP dump (to dump direct from volume)
– By default, SnapProtect will dump from snapshot copies
that were created during subclient backup
– To disable SnapProtect snapshots and dump directly
from the volume
disable the SnapProtect option in the subclient properties
NetApp Confidential – Limited Use
63. Tape Management continued
63
NDMP dump (to dump from specific snapshot)
– By default, SnapProtect will dump from snapshot copies
that were created during subclient backup
– To dump from a specific snapshot
Disable the SnapProtect option in the subclient properties
Enter the snapshot name in the advanced backup options
when running or scheduling the backup
NetApp Confidential – Limited Use
64. Restoring Data
Can restore from any copy by browsing data
from a particular copy number
– The copy numbers are defined in the Copy
Precedence tab in the storage policy properties
Can revert an entire volume or LUN by using
SnapRestore®
– This can be dangerous; use caution!
To browse or search backup data, right-click
the subclient
64NetApp Confidential – Limited Use
65. Scheduling
Several ways to schedule backups and
replication
– Schedule policies
– Individual schedules (per subclient, etc.)
– Hourly, daily, weekly, monthly, yearly
– Fulls and incrementals
Can also schedule restores and client installs
65NetApp Confidential – Limited Use
66. Retention
Retention options
– All backups
– All full backups
– Weekly full backups
– Monthly full backups
– Quarterly full backups
– Half yearly full backups
– Yearly full backups
66NetApp Confidential – Limited Use
67. Retention continued
Jobs-based retention (introduced in SP5)
– Allows retention to be based on jobs (snapshots) rather
than days / cycles
Works when using fulls
Works when using combination of fulls and incrementals
Not recommended to use this for application agents unless
only full backups are used. This is because a log-only
backup could remain available while it‟s full database
backup could have expired
67NetApp Confidential – Limited Use
68. Retention continued
Basic and Extended Retention Rules
– Basic rules are required by default (cycles, days)
– Extended rules configured optionally are intended to be
flexible to meet a wide range of business requirements
Cycle
– A cycle starts with a FULL backup and includes all associated
Incremental backups
– A cycle must start with a FULL
(can‟t have only Incremental backups in a cycle)
– A cycle is complete when the next FULL backup completes
Days
– The number of calendar Days
– Day is 24 hrs. from the completion time of the job
68NetApp Confidential – Limited Use
69. Retention continued
Retention is defined in the Storage Policy copies
Retentions using both Cycles and Days
The number of Cycles have to be exceeded
AND
The number of Days have to be exceeded
before backup jobs expire
Retentions are defined for all backup jobs, replication
jobs and tape copies
Aging Process removes expired jobs
– Default schedule time is Noon daily
69NetApp Confidential – Limited Use
70. Retention continued
Utilize both Cycles and Days for most backups
Optionally configure only Full backups using only
Cycles (no Incremental backups)
– For Full, simply use cycles only and 0 days
FULL backups
Example: Daily backups for 10 days = 0 days/10 cycles
Example: Hourly backup for 6 hours = 0 days/6 cycles
Only complete Cycles expire
– Full backup and all dependent Incremental backups
– A complete Cycle is required for restore
70
Recommendations
NetApp Confidential – Limited Use
71. Retention continued
71
Retain 2 Cycles
First set of Full and Incremental backups finish.
First Cycle is complete when next Full backup completes.
Next backups finish. Cycle is complete after next Full completes.
Oldest Cycle expires.
FS
IS
IM
FT
IW
IT
FF
2 21 1 11
Cycles example
NetApp Confidential – Limited Use
72. Retention continued
Using full backups only
Criteria:
Schedule: daily full + hourly fulls
Keep 10 daily fulls on primary array
Keep 23 hourly fulls on primary array
SnapVault once per day
Keep 30 daily fulls on vault array
Keep a year of weekly fulls on vault array
Use two backup sets, two subclients, and two
storage policies to set this up
72
Use case example 1
NetApp Confidential – Limited Use
73. Retention continued
Backup set A
Configure subclient A and create a daily full schedule
This subclient is associated with storage policy A
Backup set B
Configure subclient B and create an hourly full schedule
This subclient is associated with storage policy B
Storage policy A
Configure retention as follows
– Primary(Snap) basic retention – retain all backups for 0 days, 10 cycles
– Vault basic retention – retain all backups for 0 days, 30 cycles
– Vault extended retention – retain weekly fulls for 365 days
Storage policy B
Configure retention as follows
– Primary(Snap) basic retention – retain all backups for 23 cycles
73
Use case example 1
NetApp Confidential – Limited Use
74. Retention continued
74
Storage policy A
Storage policy B
Primary(Snap) copy
Vault copy
Primary(Snap) copy
Use case example 1
NetApp Confidential – Limited Use
75. Retention continued
Using full and incremental backups
Criteria:
Schedule: daily full + hourly incrementals
Keep 7 days of backups on primary array
SnapVault once per day
Keep 30 daily fulls on vault array
Keep a year of weekly fulls on vault array
Use one backup set, one subclient, and one
storage policy to set this up
75
Use case example 2
NetApp Confidential – Limited Use
76. Retention continued
Backup set A
Configure subclient A and create a daily full schedule as well as
an hourly incremental schedule
This subclient is associated with storage policy A
Storage policy A
Configure retention as follows
– Primary(Snap) basic retention – retain all backups for 7 days, 7 cycles
– Vault basic retention – retain all backups for 1 day (see notes)
– Vault extended retention – retain 30 daily fulls (or 29 if you consider the one
from basic retention)
– Vault extended retention – retain weekly fulls for 365 days
76
Use case example 2
NetApp Confidential – Limited Use
78. Role Based Security
Integration with Active Directory
Limit users to specific objects
and capabilities
Limit user views
78NetApp Confidential – Limited Use
79. vFiler Support
Cannot replicate to a vFiler (mirror or vault)
Indexing of source vFiler volume (NAS iDA)
requires Data ONTAP 8.1.1 +
Mirroring of source vFiler requires option
„vfiler.vol_clone_zapi_allow”
79NetApp Confidential – Limited Use
80. Import Tool
Import tool creates NetApp clients, NAS subclients, and storage
policies for existing OnCommand relationships
Imports non-application datasets (import tool is for NAS only)
Imports external relationships except:
– QSM relationships
– Volume SnapVault relationships
– Fan-out relationships
– OSSV relationships
Registers Snapshot copies for primary array
Creates XML file which can be edited before final import
Import does not preserve any throttle settings
Does not import schedules, jobs, or Snapshot copies of external
relationships
Location… <Install Dir>BaseSnapProtectImport.exe
80NetApp Confidential – Limited Use
82. Database Cloning ( SQL and Oracle )
Leverages NetApp FlexClone and Snapshot capabilities to clone
application consistent SQL / Oracle Databases
Cloned Databases are application consistent and the cloning
activity can be performed from SnapProtect management console
Database Cloning ( SQL and Oracle ) can be performed only on
full backups
Cloned Databases can be attached to the same or any other SQL
/ Oracle Server
Cloned Databases can be used to perform Test/Dev, Analytics
82NetApp Confidential – Limited Use
83. Database Cloning ( SQL and Oracle )
Cloned Databases reserved based on the
reservation period specified
Use Case
– Customer wants to create an application consistent
clone of SQL/Oracle Database and wants to
perform Test/Dev activities on that clone. Customer
can use an existing full backup or create a new full
backup of the SQL/Oracle Database. The customer
can then leverage the SnapProtect Database
Cloning feature and use the full backup to create an
application consistent clone of SQL/Oracle
database and perform Test/Dev activities on that
clone
83NetApp Confidential – Limited Use
84. Database Cloning ( SQL and Oracle )
84NetApp Confidential - Internal Use Only
85. Database Cloning ( SQL and Oracle )
85NetApp Confidential - Internal Use Only
86. Multithreaded VSA
Prior to V10 SP2B version of SnapProtect, users could take application consistent
VMware backup of one VM at a time ( serial basis )
Starting V10 SP2B, users can take application consistent VMware backups of
multiple VMs in parallel
– Enables faster VMware backups
– Control the number of VMs to be parallelized by using the following registry
key settings
VwSnapThreadCount - Controls the maximum number of concurrent
software snapshot operations
VwDatastoreSnapThreadCount – Controls the maximum number of
concurrent software snapshot operations on a datastore
– Keep the following factors in mind when using the “VwSnapThreadCount” and
“VwDatastoreSnapThreadCount” registry keys
– How busy ( IOPS ) are your VMs that need to be protected (backed up)
– Number of VMs that are protected in a single job
– Performance of the storage containing the VMDKs
– Layout of the datastores
(Engage Professional Services to evaluate the above factors and architect the
Multithreaded VSA feature in SnapProtect accordingly)
86NetApp Confidential – Limited Use
90. Deferred Indexing ( By Time and Location )
Allows users to defer indexing operation at a
later time
Eliminates the impact of indexing on
production activities
Enables decoupling of indexing and backup
schedules
Option to specify primary or secondary (vault
and mirror) Snapshot copy for indexing
operation
Catalog browse and search capability
available once indexing operation is complete
90NetApp Confidential – Limited Use
91. Deferred Indexing ( By Time and Location )
Use Case
– Customer has millions of files as the contents of
the volume on the primary which causes
indexing to take a long time. Customer wants to
decouple backup and indexing schedules i.e
run the backup job first and perform indexing
operation at a later time on the secondary.
Deferred Indexing allows customers to perform
indexing on secondary after backup job has
completed. This will result in backup jobs
finishing quickly and the indexing operation can
be run at a later time.
91NetApp Confidential – Limited Use
92. Deferred Indexing ( By Time and Location )
92NetApp Confidential - Internal Use Only
93. NAS Live Browse
Allows users to browse and restore NAS data
directly from snapshot without the need to
catalog
Option to use either Primary or Secondary (
vault and mirror ) Snapshot copy for browsing
and restoring NAS data
Also called “Browse From Snapshot”
93NetApp Confidential – Limited Use
94. NAS Live Browse
Use Case
– Customer wants to have the ability to do file
level restores on NAS data but does not feel the
need to spend time cataloging the data. NAS
Live Browse feature gives customers the ability
to perform file level restores on NAS data
without cataloging data.
94NetApp Confidential – Limited Use
96. Selective Copy
Allows users to select only a particular primary
Snapshot copy that can be used to perform the
vault operation based on the rules specified
Applicable for full backups only
Applicable for vault operation only ( not mirror )
Use Case
– Customer wants to perform vault operation only
on the first full backup in every week. If the
week starts on Friday, the first full backup
performed on or after Friday will be selected for
the vault operation
96NetApp Confidential – Limited Use
98. Extended Retention
Allows users to retain specific full backups for a longer
period of time in addition to the basic retention period
Applicable for full backups only
Allow users to define up to three additional "extended"
retention periods for full backups.
Example
– You may want to retain your weekly full backups for
30 days.
– You may want to retain your monthly full backup for
90 days.
– You may want to retain your yearly full backup for
365 days.
98NetApp Confidential – Limited Use
99. Extended Retention
Use Case
– Customer has basic retention period of 14 days,
2 cycles on the Primary snap. Customer has a
business requirement to extend the retention of
monthly full backups for 1 year. Using the
Extended Retention feature, customer can
extend the retention of one full backup per
month for 1 year.
99NetApp Confidential – Limited Use
101. VMware Datastore Exclude
Allows users to exclude certain datastores from
VMware backup
Datastores excluded by using the “Filters” tab under
“Properties” section of VMware subclient
Use Case
– There is a virtual machine VM1 with a OS on
DataStore1, Program File information on
ESX_DataStore, and other data ( page files,
application agent protected by other IDAs, etc) on
DataStore2 and DataStore3. Customer wants to
exclude DataStore2 and DataStore3 but wants to
include DataStore1 and ESX_DataStore during
backup of VM1
101NetApp Confidential – Limited Use
105. BLI For SMTape
Prior to V10 SP2B, SnapProtect only supported block
level full backups to Tape when using SMTape
Starting V10 SP2B, SnapProtect now supports block
level incremental backups in addition to block level full
backups to Tape when using SMTape
Use Case
– Customer does not have enough bandwidth to
perform Mirror operations over the wire. By using
SMTape ( SnapMirror to Tape ), customers can
perform full and incremental backups to tape, ship
tapes to the secondary location, read from those
tapes and seed the mirror relationship with the
primary
105NetApp Confidential – Limited Use
106. Oracle and Lotus Notes Support on
Windows
SnapProtect now supports Backup for Oracle
(10g and 11g ) and Lotus Notes ( 8.0.x and
8.5.x) on Windows
– Refer to SnapProtect IMT for more information
106NetApp Confidential – Limited Use
107. Vserver Aware NDMP Backups To Tape in
Clustered Data ONTAP 8.2
SnapProtect now supports Vserver aware NDMP
backups to tape starting clustered Data ONTAP 8.2
Use Case
– Customer has a 4 node cluster and a Vserver that spans
across all the 4 nodes. Customer is using clustered Data
ONTAP 8.2 and using NDMP to backup data from a
volume1 on node1 to a tape device. Customer feels the
need to move volume1 from node1 to node2 within the
same Vserver for load balancing purposes. When the
volume is moved to node2 within the same Vserver, the
process is completely transparent to the user and has no
impact on the existing NDMP backup to tape and the
customer can continue to perform NDMP backups to
tape as usual
107NetApp Confidential – Limited Use
109. Installation Tips
A temporary license is built into the product
Installing the software cache allows for push-
install of client binaries from the CommServe
To update the software cache for other
platforms or service packs use the
„CopyToCache‟ executable
Prepare a locations for indexes and DR
backups (NetApp storage)
– Create disk libraries for each of these, but
create the one for DR backups first!
109NetApp Confidential – Limited Use
110. Configuration – General
Add all NetApp arrays and OnCommand servers into
the array management control panel
Add NetApp arrays into OnCommand using the
NetApp Management Console
Create secondary resource pools using the NetApp
Management Console
Proper hostname resolution between all systems is
key to success
110NetApp Confidential – Limited Use
111. Configuration – General continued
Array credentials and NDMP credentials
– OnCommand and SnapProtect™ require both
array credentials and NDMP credentials
For array credentials in SnapProtect:
– A non-root user can be used1
NetApp1> useradmin role add snapprotectrole -c ”SnapProtect Management Role" -a login-
ndmp,login-http-admin,api-*
NetApp1> useradmin group add snapprotectgroup -c ”SnapProtect Management Group" –r
snapprotectrole
NetApp1> useradmin user add snapprotectuser -c ”SnapProtect Management Account" -n ”S
Admin" –g snapprotectgroup
– The same user can be used for NDMP credentials
by using the encrypted password
NetApp1> ndmpd password snapprotectuser
111NetApp Confidential – Limited Use
112. Configuration – General continued
DR backups for SnapProtect™ and
OnCommand
– Protect SnapProtect catalog database
– Protect OnCommand database
SnapProtect DR backups
– DR backups are two-phase:
Export phase uses local disk or network drive
Backup phase uses CommServeDR storage
policy to push to tape or disk
112NetApp Confidential – Limited Use
113. Configuration – General continued
OnCommand database backups
– Two modes:
Archive: Slower but creates portable zip
Snapshot: Fast but not portable; requires
SnapDrive®
Run SnapProtect™ DR backup first, then
OnCommand database backups1
113NetApp Confidential – Limited Use
114. Configuration – General continued
114
C:Program FilesNetAppSnapProtectCommserveDR
/vol/CSDBExport/vol/CSDBBackup
CommServe
1
2
3
NetApp Confidential – Limited Use
Configuring DR Backups
115. Configuration – General continued
115
CommServe
I:SharedIndexPri
S:SharedIndexSec
/vol/SharedIndexPri /vol/SharedIndexSec
VSA
MediaAgent
Other
MediaAgents
I:SharedIndexPri
S:SharedIndexSec
I:SharedIndexPri
S:SharedIndexSec
VSA
MediaAgent
Other
MediaAgents
I:SharedIndexPri
S:SharedIndexSec
I:SharedIndexPri
S:SharedIndexSec
2 Disk Libraries
SharedIndexPri
SharedIndexSec
SharedIndexPri
SharedIndexSec
NetApp Confidential – Limited Use
Configuring Index Locations
116. Configuration – NAS
Add NetApp primary array as client
Create storage policy and subclient as
needed
116NetApp Confidential – Limited Use
117. Configuration – VMware
Create a VM to act as a Media Agent running the
Virtual Server Agent (VSA)
Create a VMware instance (right click the Virtual
Server iDA)
117NetApp Confidential – Limited Use
118. Configuration – VMware continued
VSA subclients
– Subclients will contain either individual VMs or
discovery-based objects
– Associate subclients with storage policies
118
Subclient
MediaAgent (VSA)
WinVM1
WinVM2
WinVM3
Backup Set
(Individual VMs)
Subclient
MediaAgent (VSA)
Datastore1
Datastore2
Datastore3
Backup Set
(Datastore Affinity)
Subclient
MediaAgent (VSA)
vAPP1
vAPP2
vAPP3
Backup Set
(vAPP Affinity)
Enable discovery rules in the properties of the backup set
Index Windows VM contents by enabling granular recovery option
NetApp Confidential – Limited Use
119. Configuration – VMware continued
Restore individual VM files to a staging area
– Nothing required to be installed in the VM
– Use local disk or UNC path during restore
Use “impersonate user” setting when restoring to
UNC path to set network credentials
Restoring individual files back into a VM
– Some agents needed inside the VM
Windows File System iDA
Virtual Server Agent (VSA) for
Windows file restores
119
SnapProtect Agents
Windows File System iDA
Virtual Server Agent
(VSA)
WinVM1
Windowsonly!
NetApp Confidential – Limited Use
Restoring individual files
120. Configuration – VMware continued
Protecting Exchange or SQL Server running
inside a VM using Virtual Server Agent
– Exchange / SQL Server must live in VMDKs
– Uses VSS for app consistency
– Exchange allows for log truncation
– Some binaries needed inside the VM
The Windows File System iDA and VSS Provider are required
The VSA allows file restores directly back to the VM
Snap Mining1 as well as the Exchange
Offline Mining Tool2 allow for Exchange
message level recovery
120
SnapProtect Agents
Windows File System iDA
Virtual Server Agent (VSA)
VSS Provider
Exchange Offline Mining Tool2
ExchVM1
NetApp Confidential – Limited Use
121. Configuration – VMware continued
Goal File System iDA VSS Provider VSA
Restore
entire VM
Not required Not required Not required
Granular
indexing
Not required Not required Not required
Restore to
staging area
Not required Not required Not required
Restore files
back to VM
✔ Not required ✔
Protect
Exchange or
SQL in VM
✔ ✔ Not required
121
Windows VMs
– What needs to be installed in the guest VM?
Required Components
NetApp Confidential – Limited Use
122. Configuration – VMware continued
Several discovery options for VMware
Be careful not to fall into the replication pitfalls
Use the volume as a boundary
– Protect everything in the volume with a single subclient
This means all contents must have same schedule and retention
Example below is not ideal
122
NetApp® Primary
Volume
Subclient 1
Subclient 2
Storage Policies with
Mirror/Vault copy
Subclient 3
vApp1
vApp2
vApp3
vApp1
vApp2
vApp3
vApp1
vApp2
vApp3
vApp1
vApp2
vApp3
Example:differentschedule
andretentionrequirementsDiscovery
NetApp Confidential – Limited Use
123. Configuration – VMware continued
Several discovery options for VMware
Be careful not to fall into the replication pitfalls
Use the volume as a boundary
– Protect everything in the volume with a single subclient
This means all contents must have same schedule and retention
Example below is better
123
NetApp® Primary
Volume
Subclient 1
Storage Policy with
Mirror/Vault copy
vApp1
vApp2
vApp3
vApp1
vApp2
vApp3
Example:sameschedule
andretentionrequirementsDiscovery
NetApp Confidential – Limited Use
124. Configuration – VMware continued
The media agent (VSA) must have access to
the private storage network
Add the public and private interface names for
the primary array into the “Array Management”
control panel in SnapProtect
124
Private Storage Networks
NetApp Confidential – Limited Use
Private Storage Network
Public Network
Media Agent ESX Server
Primary Array Secondary Array
192.168.0.1
10.61.0.1
CommServe OnCommand Server
10.61.0.2 10.61.0.3
10.61.0.5
10.61.0.4
10.61.0.6
192.168.0.2
192.168.0.3
See slide notes
for more detail.
125. Configuration – Applications
SnapProtect client (the app server) needs the
following binaries installed
File System iDA (Windows, Linux, etc)
Application agent (Exchange, Oracle, etc)
VSS Provider (Windows)
MediaAgent
Backups are then configured using the particular
application iDA for the client
125NetApp Confidential – Limited Use
Note: SQL does a streaming log backup. Other database apps use
Snapshot copies for log backups.
126. Proxy based backups for Exchange
Installation of the Exchange management
tools on the proxy is required.
When to use a proxy server:
– Performing integrity checks on Exchange 2010
DAG subclients
– Exchange server has a multiple huge
databases with 1000s of users
– Offload the indexing of contents to the proxy
server
– Do not want to directly involve the Exchange
server in any kind of backup/restore operations
126NetApp Confidential - Internal Use Only
127. D2D replication is configured within
the storage policy (right click storage
policy create new snapshot copy)
Copy dependencies within the
storage policy define the replication
options
A vault-to-vault option is not
supported
Configuration – Replication
127
Primary(Snap)
Mirror Copy
Primary(Snap)
Vault Copy
Storage PolicyStorage Policy
Primary(Snap)
Mirror Copy
Storage Policy
Vault Copy
Primary(Snap)
Vault Copy
Storage Policy
Mirror Copy
Primary(Snap)
Mirror Copy
Storage Policy
Mirror Copy
Note: The arrows ( ) point to the source copy for each of the copies in the storage policy.
This illustrates the source dependency, not the direction of the data flow.
Vault Mirror
Mirror then Vault Vault then Mirror Mirror then Mirror
NetApp Confidential – Limited Use
128. Configuration – Replication continued
128
Primary(Snap)
Mirror Copy
Storage Policy
Vault Copy
Primary(Snap)
Mirror Copy
Storage Policy
Vault Copy
Vault Copy
Primary(Snap)
Mirror Copy
Storage Policy
Mirror Copy
Primary(Snap)
Mirror Copy
Storage Policy
Mirror Copy
Vault Copy
Note: The arrows ( ) point to the source copy for each of the copies in the storage policy.
This illustrates the source dependency, not the direction of the data flow.
Mirror and Vault Mirror and Mirror
Mirror then Vault, and Vault Mirror then Vault, and Mirror
NetApp Confidential – Limited Use
129. Configuration – Replication continued
Understand where your data is
Multiple subclients for a single volume can cause
unwanted replication in some cases
Example below is not ideal
129
NetApp® Primary
Volume
F:
F:
F:
LunA
LunB
LunC
LunA
LunB
LunC
Subclient 1
Subclient 2
Storage Policy with
Mirror/Vault copy
LunA
Subclient 3
LunB
LunC
LunA
LunB
LunC
Hosts with LUN
Connectivity
NetApp Confidential – Limited Use
130. Configuration – Replication continued
Understand where your data is
Multiple subclients for a single volume can cause
unwanted replication in some cases
Example below is better
130
F:
F:
Subclient 3
LunC
LunB
Subclient 1
Subclient 2
Subclient 3
LunA
LunB
LunC
F:
LunA
Hosts with LUN
Connectivity
Storage Policy with
Mirror/Vault copy
NetApp Confidential – Limited Use
131. Configuration – Replication continued
Configure replication for a storage policy
– Right click the storage policy All tasks Create
New Snapshot Copy
Give the copy a name (such as “Vault Copy”)
Populate the index destination criteria
Select the protection type
For vault copies, work through the retention tab
On the copy policy tab, select the source for the copy
On the provisioning tab, select the provisioning policy and
resource pool to be used for the destination
131NetApp Confidential – Limited Use
132. Configuration – Replication continued
Modify the copy precedence definitions for the
storage policy
– Right click the storage policy Properties
Under the Copy Precedence tab, set the precedence
Move “Primary(Classic)” to the last position
132NetApp Confidential – Limited Use
133. Configuration – Replication continued
The copy precedence definitions are important when
restoring from replicated copies
– In advanced browse options, “Browse from copy precedence”
indicates which copy to restore from
Copy 2, in this example, would be the vault copy
133NetApp Confidential – Limited Use
134. Configuration – Tape Copies
Tape copies are managed by storage policies
For NDMP / SMTape the source array needs
to be a client to establish NDMP credentials
First you will need add the tape library using
the “Library & Drive Configuration” utility
Next, in the properties of the storage policy
under the Snapshot tab
– Enable backup copy
– Modify selection rules (such as weekly fulls)
– Specify source for backup copy
134NetApp Confidential – Limited Use
135. Configuration – Tape Copies continued
Storage policy properties
135NetApp Confidential – Limited Use
136. Configuration – Tape Copies continued
Create a new backup copy
– Right click the storage policy All tasks Create
New Copy
Give the copy a name (such as “Tape Copy”)
Populate the destination criteria
Adjust the retention
Click OK
– Right click the new backup copy Properties
On the General tab, set as Primary Copy
Click OK
– Delete the “Primary(Classic)” copy
136NetApp Confidential – Limited Use
137. Configuration – Tape Copies continued
Creating the backup copy
– Note: the Primary Copy box is available after you create
the copy and then view properties afterwards
137NetApp Confidential – Limited Use
138. Configuration – Tape Copies continued
Check the storage policy properties and make sure
the copy precedence numbers are set appropriately
138NetApp Confidential – Limited Use
139. Configuration – Tape Copies continued
To run a manual tape job
– Right click the storage policy All Tasks Run
Backup Copy
139NetApp Confidential – Limited Use
140. Configuration – Schedule Policies
Right click Schedule Policies Add
– Give the policy a name (such as “NAS Schedule Policy”)
– For Type choose Data Protection
– For Agent Type select the specific type of agent (such as
NAS NDMP, Virtual Server, etc)
140NetApp Confidential – Limited Use
– Use the Add button to add
schedules to the policy such as
“Weekly Full”
“Daily Incr”
Backup (local snapshot)
Vault
Copy
Primary
Snap
141. Configuration – Schedule Policies continued
On the Associations tab, select the NetApp clients
and subclients to be associated with this schedule
policy
Click OK to save
141NetApp Confidential – Limited Use
Backup (local snapshot)
Vault
Copy
Primary
Snap
142. Configuration – Schedule Policies
Right click Schedule Policies Add
– Give the policy a name (such as “NAS Vault Schedule Policy”)
– For Type choose Auxiliary Copy
142NetApp Confidential – Limited Use
– Use the Add button to add
schedules to the policy such as
“Daily Vault”
Replication (disk-to-disk)
Vault
Copy
Primary
Snap
143. Configuration – Schedule Policies continued
On the Associations tab, select the storage policy to
be associated with this schedule policy
Click OK to save
143NetApp Confidential – Limited Use
Replication (disk-to-disk)
Vault
Copy
Primary
Snap
144. Configuration – Schedule Policies
Right click Schedule Policies Add
– Give the policy a name (such as “NAS Tape Schedule Policy”)
– For Type choose Backup Copy
144NetApp Confidential – Limited Use
– Use the Add button to add
schedules to the policy such as
“Weekly Tape”
Tape copy
Vault
Copy
Primary
Snap
145. Configuration – Schedule Policies continued
On the Associations tab, select the storage policies to
be associated with this schedule policy
Click OK to save
145NetApp Confidential – Limited Use
Tape copy
Vault
Copy
Primary
Snap
147. Limitations General
Doing hourly and daily backups is not straight forward
because basic retention rules don‟t allow hourly and
daily retention.
– You could create multiple backup sets, but applications
don‟t allow multiple backup sets
– Alternative is to introduce incremental backups
– Must consider the number of Snapshot® copies when
doing incremental backups
Throttling capabilities are currently lacking. Using the
global replication throttle in Data ONTAP® might be
preferable until this is improved.
NAS backups index uses SnapDiff. Performance
could be problematic for volumes with many objects.
Incremental backups help alleviate this.1
147NetApp Confidential – Limited Use
148. Limitations General
Indexing operations are done only on the primary
today
Application verifications are done only on primary
storage today
There is no option to perform crash consistent
backups for any of the applications (including
VMware®); All backups will be consistent
The root volume (typically vol0) cannot be vaulted or
mirrored using SnapProtect because the root volume
does not allow for FlexClone. Avoid protecting the
root volume with SnapProtect.
148NetApp Confidential – Limited Use
149. Limitations General
We only support NetApp disk, so any disk libraries
that are used for backup-to-disk must point to NetApp
storage; Nothing prevents non-NetApp storage from
being used for disk libraries, but it‟s not supported
(non-NetApp VTL is fine)
No intelligent cloning for applications
SnapProtect cannot manage NetApp data
compression (OnCommand limitation)
– Compression would need to be enabled manually
NAS data that contains filenames / directory names
with non-ASCII characters causes errors within
SnapDiff which cause SnapProtect backups to fail.
149NetApp Confidential – Limited Use
150. Limitations General
To improve SnapDiff performance for indexing NAS
data, the convert_ucode flag should be enabled for
the volume. Ideally this should be done prior to any
data or snapshots being created on the volume.
(BURT 533349)
150NetApp Confidential – Limited Use
151. Limitations General
Renaming volumes and updating datasets
from within SnapProtect is not currently
supported.
Searching for all versions of files that have
been backed up is not currently supported.
151NetApp Confidential - Internal Use Only
152. Limitations Replication
A replication job cannot be updated more frequently
than its source job
– Example: If SnapProtect™ creates hourly Snapshot
copies on the primary, you cannot update SnapMirror®
every 15 minutes. You can schedule it, but the job will
say there is nothing to do.
There is a serious bug related to restoring a vaulted
qtree that has been removed (BURT 570835)
152NetApp Confidential – Limited Use
153. Limitations VMware
There is no way to perform a “crash consistent”
backup of VMs using the Virtual Server Agent. All
VMware backups create VMware snapshots prior to
the NetApp snapshot
Only Windows VMs can be indexed for single file
restore from the snapshot copy. Linux VMs do not
have this same functionality.
153NetApp Confidential – Limited Use
154. Limitations VMware
VMware indexing and single file restore from
snapshot can only be done for Windows VMs
– Linux can only be indexed for single file restore when
streamed to tape or disk (not from snapshot) and only
when for ext3
154NetApp Confidential – Limited Use
155. Limitations VMware
The VMware Raw Device Mapping (RDM) support includes the
following limitations:
– RDM data cannot be protected using the Virtual Server Agent
(VSA). RDM data can only be protected using a file system or
application agent within the guest operating system
– RDM can only be configured in physical compatibility modes.
Virtual compatibility modes are not supported.
– Only RDM iSCSI protocols are supported. Fibre Channel protocols
are not supported.
– Client must establish iSCSI connection from client to NetApp array
as a communications link for creating a Snapshot copy. Data path
links are not supported.
– Only client direct attached iSCSI is supported.
155NetApp Confidential - Internal Use Only
157. Log management
Log files provide detailed information about
the jobs that are running or completed in the
console.
Log files can be sent for review via:
– CommCell Console
– Remote web-based applications
– Command line
– Upload to a FTP server
Default max size of log files is 5 MB.
Using Process manager user can change the
debug level, log file size and log file count
157NetApp Confidential - Internal Use Only
158. Log management - contd
There are 5 types of log files that are generated for a
job. These are:
– CVD.log
– EvMgrS.log
– JobManager.log
– MediaManager.log
– CVMA.log
The View Log Files feature allows you to view log files
from the CommCell Console for any of the following:
– A CommServe, MediaAgent, or client.
– An active job in the Job Controller.
– A job in a job history window.
158NetApp Confidential - Internal Use Only
163. Resources continued
NetApp-U Courses
ABCs of SnapProtect Management Software
Technical Overview of the SnapProtect
Management Solution
Technical Positioning of the SnapProtect Solution
Architecting the SnapProtect Solution
Planning and Installing the SnapProtect Solution
Operating and Troubleshooting the
SnapProtect Solution
163NetApp Confidential – Limited Use
165. OSSV Plug-in
Overview
OSSV-style (block-level-incremental) backup of local file system
data on non-NetApp storage to NetApp FAS
– Windows
– Linux
– Solaris
Managed by the SnapProtect console
“Live browse” OSSV snapshots for restore
– Restore from SnapProtect console
– Restore from OSSV client
Cataloged OSSV NDMP tape backups
Supports pre & post backup scripts
165NetApp Confidential - Internal Use Only
166. OSSV Plug-in continued
166NetApp Confidential - Internal Use Only
C:
SysState
F:Data
Windows
SnapProtect
OSSV Plug-in
Steamed backup (File System iDA)
G:App
SnapProtect
Snapshots
/
/data
/app
3rd party backup app
SnapProtect
Snapshots
Linux / Solaris
OSSV Plug-in
Traditional backup
Use Cases
NetApp hosted application data
is protected via SnapProtect
Snapshot backup
Windows OS and local file
systems protected via OSSV
plug-in
Windows System State
protected with traditional
backup-to-disk via SnapProtect
Linux / Solaris local file systems
protected via OSSV plug-in
Linux / Solaris OS partitions
protected via 3rd party backup
application
OSSV
Destination
OSSV
Destination
Backup-to-Disk
(CIFS)
Application
Production
Volume
Application
Production
Volume
167. OSSV Plug-in continued
Things to know
The OSSV plug-in does not perform indexing of backups;
backup data is selected for restore via “live-browse” approach
The OSSV plug-in does not support replication of the backup
data (SnapMirror / SnapVault)
The OSSV plug-in does not provision secondary storage;
secondary volumes must be created manually
No application support
The OSSV plug-in solution consists of the following
– OSSV binaries (must install on each client first)
– OSSV plug-in (can push-install from SnapProtect)
OSSV 3.0.1 P4 is required; included on SnapProtect 9.0 SP6a
ISO
167NetApp Confidential - Internal Use Only
168. Preferred Network for Replication
The following is a copy/paste from TR-3710
168NetApp Confidential - Internal Use Only
So, how does SnapProtect fit into our Integrated Data Protection ecosystem?Our positioning of NetApp Backup and Recovery solutions and partner integrations is based on recovery and retention time as well as the breadth of the use in the customer’s environment.If the goal is Local recovery for Application and Virtualization Administrators, then recommend the SnapManager software family for the different applications supported (such as SnapManager for Exchange or for Oracle). Similarly, if the virtualization-centric approach is desired, then our SnapManager for Virtual Infrastructure or Hyper-V would be the appropriate options. Finally, SnapCreator is a framework that can extend SnapManager functionality to applications for which there are are not specific SnapManager products, such as Lotus Domino or custom applications.If the goal is Backup Management of Entire Environment,then NetApp SnapProtect is a complete backup and recovery solution delivering disk-to-disk-to-tape backup for long term retention, and which manages multiple applications, as well as multiple virtual infrastructures, from a single-pane-of-glass. Additionally, we will soon support snapshot copies from third party storage to NetApp FAS secondary, and therefore will be able to cover heterogeneous storage environments in the Enterprise.If the goal is Integration with anExisting Backup Infrastructure, then suggest that the customer leverage their existing vendor’s integration with our storage to manage Snapshot copies. Many customers have made an investment in backup and recovery software infrastructure and look for a way to improve efficiency, performance and overall data availability. We partner with industry leading backup and recovery vendors such as Symantec, IBM, CommVault, and Syncsort who have integrated their applications with NetApp IDP to provide our mutual customers the benefit of modern data protection.
1 Custom provisioning policies that are created in OnCommand must be named with a leading “SnapProtect_” in order for them to show up in the SnapProtect GUI (CommCell Console).
SnapProtect does not support QSM. If OnCommand is performing QSM for backups then the pmQSMBackupPreferred option in OnCommand should be set to “No”. In addition, make sure SnapVault is properly licensed.
1 When doing P-M-V (primary to mirror to vault cascade) the “snapvault.snapshot_for_dr_backup” option mustbe set to “named_snapshot_only” on the mirror destination system. If this option is not set, then the vault will not be replicated from the SnapProtect created snapshot and will instead be updated from the VSM created snapshot.
The NAS iDA can restore qtrees, directories, and files. In addition, it can use SnapRestore on the primary array to revert an entire volume. Live Browse functionality available from Snapshot w/o indexing.Single file restore (from a NetApp snapshot) for VMs only works for Windows VMs. For Linux, this only works when the backup is to a disk library or tape library (streamed copy). It is not currently possible to perform granular indexing or single file restore for Linux VMs from the NetApp snapshot using SnapProtect.3. SQL Server supports point-in-time restore with log replay.4. Message level restores are available via mining operations. You can use either the offline mining tool or you can configure and perform snap mining.5. Document level restores are available via snap mining operations. 6. Active Directory backups are accomplished via streaming backup from the Active Directory server. System State backups can also be done via streaming backup using the Windows File System iDA. This requires that you disable system state backup from the default subclient and enable system state backup in a new subclient (with no other content defined).7. When Exchange or SQL are virtualized and the databases are on VMDKs you can use the virtual server agent (VSA) to backup the VM and perform database consistency during the VM backup. Recovery is the VM, VMDK, or files and not specific to Exchange or SQL. The options for Exchange allow for log truncation during the VM backup. There are no option to truncate logs SQL using this approach. When protecting Exchange in this manor (using VSA), DAG is now supported.8. LN = Lotus Notes9. Lotus Notes Database iDataAgentsupports both the database and the database plus transaction log restore operations. Lotus Notes Document iDataAgent supports the restoration of documents.Please refer to Books Online for more detail on restore options.
No log management for Oracle today.
Registry key for the VSA media agent to enable Linux indexing for streamed backups.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerDWORD: LinuxMetadataSupportValue: 1
1 When doing P-M-V (primary to mirror to vault cascade) the “snapvault.snapshot_for_dr_backup” option must be set to “named_snapshot_only” on the mirror destination system. If this option is not set, then the vault will not be replicated from the SnapProtect created Snapshot copy and will instead be updated from the VSM created snapshot.
The ESX server in the slide is the proxy that has a VM acting as a media agent running the Virtual Server Agent (VSA). This ESX server has access to the production datastores and allows hot-add transport mode for restores.
1 When application-level protection is required for Exchange or SQL Server during a VMware-level backup, the guest must be added as a client (by installing the base agent software and VSS provider). The VM will show up in the list of clients, but it is protected by using the VSA (on the proxy media agent).
1 When application-level protection is required for Exchange or SQL Server during a VMware-level backup, the guest must be added as a client (by installing the base agent software and VSS provider). The VM will show up in the list of clients, but it is protected by using the VSA (on the proxy media agent).
HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: PageFileDatastoreFilterValue Type: String valueValid data: names of datastores to filter separated by semicolon (ex. Datastore1;Datastore2)
The file system quiesce phase is good for data consistency, but it will increase the time it takes to create the VMware snapshot. Disabling the file system quiesce function will improve backup time at the cost of a more complete data consistent VMware snapshot.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: VwSkipQuiesceVMValue Type: REG_DWORDValue: 1
Without this registry setting, the original ESX server which was used during the primary backup (set by the subclient properties) would also be used when mounting the remote snapshot when moving to tape. This would cause excessive WAN traffic. The registry key isolates the network traffic to the remote site.HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\<Instance>\Key: VirtualServerName: sProxyESXValue Type: REG_SZValid Range: Hostname or IP of the secondary ESX server
Linux EXT3 for single file restore capability. Files must be restored back to windows host (enabed via LinuxMetadataSupport registry key)Microsoft apps will always be consistent as this is a function of Hyper-V itself.Hyper-v only supports block data (no nfs / cifs)
The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
The advantage to this approach is that we have more control over our retention in how we handle daily and hourly backups. The disadvantage is that for NAS backups we aren’t taking advantage of incremental indexing. In addition, you can’t really do this approach with many of the iDAs (NAS might be the only one). Applications, for example, are generally not going to allow this type of setup.
Since we are using fulls and incrementals here, a single cycle is an entire day of backups (24 backups… 24 snapshots). So to keep 7 days of backups on the primary will mean (7 x 24) roughly 168 snapshots.The advantage to this approach is that for NAS data we get incremental indexing (since we are doing incremental backups). However, we have less control over our retention compare to example 1.
Vault basic retention – retain all backups for 1 day…The way this works, SnapVault will replicate all of the snapshots that have been created since the previous replication (basically all 24 from the entire days worth of backups). And basic retention will retain ALL backups, which includes all of the incremental jobs. So we will retain this for only a short period of time… 1 day in this case.
Mirroring of source vFiler requires option ‘vfiler.vol_clone_zapi_allow”
1 OnCommand needs root access for array credentials, but can use snapprotectuser for NDMP credentials.
1 There is no interoperability here. These are independent processes that need to be scheduled independently.
This is an example where we have distributed the SnapProtect database exports and backups. We have a local export of the database locally on the CommServe. We can also send the exports to a remote location. The DB backups can be sent to a disk library or tape library according to the storage policy configuration.#1 The most recent export of the database lives locally on the CommServe.#2 The most recent as well as longer term exports of the database can be sent to a UNC path in a remote location. #3 The database backups are associated with the CommServeDR storage policy and sent to the disk library or tape library associated with that storage policy.
In this example we have a single volume at each site to store the index metadata. Each of those volumes are configured as disk libraries. All media servers for the primary site will point to the same disk library and all of the media agents at the secondary site will point to the same disk library. In this way, each media agent would be able to access each other’s index if necessary. When configuring replication (SnapVault or SnapMirror) the index location for those secondary copies should point to the index at the secondary site. This allows the indexes to be copied to the secondary site along with the actual data.You would want to do this same approach for any other sites in the environment so that indexes are properly copied to each location.
1 Snap Mining http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/prod_info/snap_protect_clients.htm2 The Offline Mining Tool http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/features/mining_tool/ex_mining_tool/ex_mining_tool.htm
When the VSA runs a backup, VMware returns the hostname or IP address associated with the private interface on the primary array (192.168.0.3 for example). If the datastores are configured using hostnames then VMware will return the hostname. If the datastores are configured using IP then VMware will return the IP address. SnapProtect will look for this entry in the list of configured arrays in “Array Management” to get authentication credentials. The media agent needs access to this private network in order to authenticate and issue API calls to create the snapshot on the primary array.In Array Management, you need two entries for the primary array – one for the public interface and one for the private interface. In this example we would need entries for 10.61.0.5 and 192.168.0.3 (both configured as primary file servers in Array Management).
When a storage policy is created for SnapProtect operations, it contains a “Primary(Snap)” copy. When you add a vault or mirror copy to the storage policy, it creates a storage service entry in OnCommand with the appropriate protection policy defined. The dataset in OnCommand is not created until the first replication job (or “auxiliary copy”) is performed.Stacking the snap copies within the storage policy builds the various cascades.
1 Due to the performance of SnapDiff, NAS backups will probably have to done by using a combination of full and incremental backups. The level of protection is the same (a NetApp Snapshot copy), but the indexing is different. For full NAS backups, a full index is performed. For incremental NAS backups, an incremental index is performed. The incremental index is much faster.
System requirements…http://now/NOW/knowledge/docs/snapprotect/relsnap_protect90/html/software/admin_info/books_online/netapp/release_10_0_0/books_online_1/english_us/prod_info/snap_protect_support.htm