Did you know the vCenter Server Appliance (VCSA) has file-based backup options?
This ability was actually released in vSphere 6.5. However, there was one feature in particular that was missing: a scheduler. I’m happy to say that as part of vSphere 6.7, the VCSA received a backup scheduler!
Recently, my teammate, Emad Younis released a couple cool walkthroughs to the vSphere Central site to manage file-based backup and restore actions. Under the covers, both of these actions are served up by vSphere’s RESTful APIs and therefore PowerCLI can also be used to automate these actions! One other benefit of using the API, you don’t have to hand out the root credentials. Users with the ‘SystemConfiguration.Administrators’ permission are able to perform all of the following tasks through the API and PowerCLI!
To perform a file-based backup with PowerCLI, we’ll need to make use of the CIS module. Since the CIS module is a low-level module, let’s see a couple examples of this in action.
Create a File-Based Backup
Let’s first start with the process to perform a backup.
First step, log in to the CIS Service for the VCSA:
|
1 |
Connect-CisServer -Server vcsa01.corp.local |
Next, we need to find the appropriate service to perform a backup:
|
1 |
Get-CisService -Name *backup* |
Based on the output, we will want the ‘com.vmware.appliance.recovery.backup.job’ service. We will store that into a variable so we can easily interact with that specific service. To see the method we are going to use, take that variable and pipe it to ‘Get-Member’.
|
1 2 |
$backupJobSvc = Get-CisService -Name com.vmware.appliance.recovery.backup.job $backupJobSvc | Get-Member |
As part of the respose, we’ll see two important items. First, the ‘create’ method which we’ll use to actually create the backup job. Second, the ‘Help’ property. We can use ‘Help’ to help us form the input for the backup job with the following command:
|
1 |
$backupJobSvc.Help.create.piece |
We can now fill in each of the parameters with information for our environment. There are a couple caveats here. First, the ‘parts’ parameter is expecting an input of an array type. Second, each of the password parameters require a special type in order to be accepted.
|
1 2 3 4 5 6 |
$backupSpec.parts = @("common") $backupSpec.location_type = "FTP" $backupSpec.location = "ftp01.corp.local" $backupSpec.location_user = "backup" [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = "VMware1!" $backupSpec.comment = "PowerCLI Backup Job" |
Finally, having input all of our information, we can create the backup job!
|
1 |
$backupJob = $backupJobSvc.create($backupSpec) |
We can combine this into a nice script as follows:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# Login to the CIS Service of the desired VCSA Connect-CisServer -Server vcsa01.corp.local # Store the Backup Job Service into a variable $backupJobSvc = Get-CisService -Name com.vmware.appliance.recovery.backup.job # Create a specification based on the Help response $backupSpec = $backupJobSvc.Help.create.piece.CreateExample() # Fill in each input parameter, as needed $backupSpec.parts = @("common") $backupSpec.location_type = "FTP" $backupSpec.location = "ftp01.corp.local" $backupSpec.location_user = "backup" [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = "VMware1!" $backupSpec.comment = "PowerCLI Backup Job" # Create the backup job $backupJobSvc.create($backupSpec) |
Create a Scheduled File-Based Backup
Let’s now take a look at creating a scheduled backup job with PowerCLI.
Following a similar process to the last task, we will want to use one of the services we found previously called: com.vmware.appliance.recovery.backup.schedules
This time, we see two inputs are required. First, the schedule ID. Second, the specification which is similar to the prior example. The ‘Help’ property will be quite useful to create both specifications.
Much like the prior example, this one too has some caveats. The Schedule ID input can be a string of your choosing. For reference, performing this process in the UI creates a default ID of ‘default’. The scheduling recurrence configuration can be done in many ways through the ‘days’ property. If a daily backup is desired, there’s no need for any input and it can be left ‘unset’. If a specific day/s are desired, the input has to be of an array type.
Here’s a script which can be used to create a scheduled file-based backup:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
# Store the Backup Job Service into a variable $backupSchedSvc = Get-CisService -Name com.vmware.appliance.recovery.backup.schedules # Create a Schedule ID specification based on the Help response $schedSpec = $backupSchedSvc.Help.create.schedule.Create() $schedSpec = 'weekly' # Create a specification based on the Help response $backupSchedSpec = $backupSchedSvc.Help.create.spec.Create() $backupSchedSpec.parts = @("common") $backupSchedSpec.location = "ftp://ftp01.corp.local" $backupSchedSpec.location_user = "backup" [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSchedSpec.location_password = "VMware1!" $backupSchedSpec.enable = $true $recurSpec = $backupSchedSvc.Help.create.spec.recurrence_info.Create() $recurSpec.days = @("Sunday") $recurSpec.minute = '59' $recurSpec.hour = '23' $backupSchedSpec.recurrence_info = $recurSpec $retentSpec = $backupschedsvc.help.create.spec.retention_info.Create() $retentSpec.max_count = '5' $backupSchedSpec.retention_info = $retentSpec # Create the backup job $backupSchedSvc.create($schedSpec, $backupSchedSpec) |
Afterwards, if you log into the VCSA Appliance Management Interface (VAMI), your backup schedule should look much like the following:
Summary
The ability to create file-based backups of your vCenter Server is a function that is only available to the VCSA. This function is made possible by a set of RESTful APIs which PowerCLI can also consume, with the additional benefit of not being reliant on the root account! This blog post walked through examples of creating a file-based backup job and creating a scheduled file-based backup job.
More information about VCSA file-based backup can be found on the vSphere Central site: vCenter Server Appliance 6.7 File-Based Backup
Let us know in the comments how you’re automating your VCSA backups!
Will the scheduler by added to VCSA 6.5?
Is it possible to restrict the permissions of the user that connects to the REST API to limit the actions that the script will be allowed to do (ie only allow backup API calls on /rest/appliance/recovery/backup/*)
I guess I’m wondering why you wouldn’t just use a scheduled snapshot to protect the VCSA? Can you explain this use case?
Snapshots alone aren’t adequate enough protection to be considered a backup.
Some examples:
Snapshots have a dependency on the current storage system. If you lose the storage, you lose the VM and the snapshots too.
Snapshots have a dependency on the current set of VMDKs. If there’s corruption at the VM disk level, you’ll also lose the VM and the snapshots too.
Snapshots log changes to the disk and therefore have an impact on performance, especially if you keep them for long periods of time or maintain multiple snapshots.
Snapshots lock certain changes to a VM, example: disk size. If you have a VM with an active snapshot, you can’t increase any disk space for that VM.
i am getting this error when I execute the script. I used administrator@vsphere.local account to connect to vcsa Please help.
A server error occurred: ‘com.vmware.vapi.std.errors.unauthorized’: Unable to
authorize user (Server error id: ‘vapi.security.authorization.invalid’). Check
$Error[0].Exception.ServerError for more details.
At D:\vmware\vcsa\vcsabackup\backupjob.ps1:22 char:1
+ $backupJobSvc.create($backupSpec)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], CisServerException
+ FullyQualifiedErrorId : VMware.VimAutomation.Cis.Core.Types.V1.CisServer
Exception
Hello Kyle ,
please is this script can be used to backup the vcsa with external PSC ?
Yes, this can be used against PSCs and VCSAs.
hi.
i also have the below since upgrades:-
A server error occurred: ‘com.vmware.vapi.std.errors.unauthorized’: Unable to
authorize user (Server error id: ‘vapi.security.authorization.invalid’).
any fixes?
There’s two options:
Option 1 – Update
The most recent update of vSphere 6.5 and vSphere 6.7 Update 1 both have the update to correct this issue.
Option 2 – Workaround
Restart the applmgmt service and try again: service-control –stop applmgmt, service-control –start applmgmt
Restart the vAPI endpoint service and try again: service-control –stop vmware-vapi-endpoint, service-control –start vmware-vapi-endpoint
Restart the VCSA and try again
C:\Windows\system32> $backupSpec.parts = @(“common”)
$backupSpec.location_type = “FTP”
The property ‘parts’ cannot be found on this object. Verify that the property exists and can be set.
At line:1 char:1
+ $backupSpec.parts = @(“common”)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
The property ‘location_type’ cannot be found on this object. Verify that the property exists and can be set.
At line:2 char:1
+ $backupSpec.location_type = “FTP”
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
I’ve the same problem:
C:\Windows\system32> $backupSpec.parts = @(“common”)
$backupSpec.location_type = “FTP”
The property ‘parts’ cannot be found on this object. Verify that the property exists and can be set.
At line:1 char:1
+ $backupSpec.parts = @(“common”)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
The property ‘location_type’ cannot be found on this object. Verify that the property exists and can be set.
At line:2 char:1
+ $backupSpec.location_type = “FTP”
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyAssignmentException
Any idea how to fix it?
Thats all stuff can be done over appliance management portal (Port 5480) but concern is with Backup job status. We still have to check manually for all backup jobs status on daily basis. Making corn jobs are not authentic way and is just work around to send email alerts on every successful backup. I can see in Vcenter 7.0 which is showing the last file backup date and time but not sure how to get it via command.
Seeking for a solution to get the last file backup job status. This way we can setup a daily alert over email or SNMP so that whenever any job get failed will send alerts.
Nice Post It’s Really Useful To me Regards
LocalEssay
Thanks very much its great idea for pingbacksu arıtma cihazları
Thanks for showing that kind of knowledge on your portal.You have done all good.I love to see you again with some new content.
Thank you for your blog article .Really looking forward to read more. Will read on…
Thanks for every other great article. The place else could anybody get that kind of information in such an ideal approach of writing?
I’ve a presentation subsequent week, and I am on the search for such information.
this is really impressive! thanks for share this awesome research!
I am really grateful for your blog post for giving a lot of information
Well I truly enjoyed reading it. This subject offered by you is very helpful and accurate.
Thanks for sharing this marvelous post.
I know this website presents quality depending articles or reviews and other stuff, is there any other site which gives these kinds of data in quality?
As a rule, it depends on the playing style of both teams playing against each other. If teams from the CIS region or Southeast Asia participate in the tournament, you should definitely consider that there will most likely be a lot of crazy killings. These teams are rather rampant and sometimes make risky blots. On the other hand, European teams have a clearly defined game plan and control the map at 100%.
This is really helpful post and very informative there is no doubt about it.
https://www.sportstotomen.com
I appreciate your valuable post. The article is very concise and neatly organized, so it fits more easily in the head. I hope to see your good posts again in the future. Thank you again 🙂
EXCELLENT POST, THIS IS SO REALLY NICE, THE INFO THAT YOU HAVE PROVICED IS SO VERY VALUABLE TO US AND TO EVERYONE.
HAVE A GREAT DAY TO ALL!
THANK YOU FOR THIS WONDERFUL BLOG THAT YOU’VE SHARED TO US.
Bonus Money Zetak Gangnam Shirt Room Sabiroda Processing DB Selling HITBET Community Banner Front Room Evolution Slot Restaurant Block Deal Toto Casino No Reel Game Multiple Events Private Sports Toto Inflow Rate Pay Promotion Office Phone Same-day Profits Dilton Haeundae Personal Store Purchasing Corporate Front Guitar DB Copper Hold’em Knife Charge Stock Real-time lottery run Suzy Hold’em Family room operation Sports Toto production ring game Contact us
Bonus Money Zetak Gangnam Shirt Room Sabiroda Processing DB Selling HITBET Community Banner Front Room Evolution Slot Restaurant Block Deal Toto Casino No Reel Game Multiple Events Private Sports Toto Inflow Rate Pay Promotion Office Phone Same-day Profits Dilton Haeundae Personal Store Purchasing Corporate Front Guitar DB Copper Hold’em Knife Charge Stock Real-time lottery run Suzy Hold’em Family room operation Sports Toto production ring game Contact us
Community by collecting money – Mokdonnet
Retrospective payment Techje Tio no Timebee Coin Limited Techni Jaetechno Timebee Coin Coin Market Jaetechno Powerball Powerball Solution Coin Top Kino Coin Powerball Solution Leading Coin Parbol Evolus Slot Appropriate Night Market Gangnam Station Jangjang Site Kaji Middle Coin Powerball Evolus Slot Lodge Marketing Team Leader Gangnam Station Luxury Bag Gangnam Kaji Gangnam Baka Overseas Futures Recommended DB Trading Company Distributor
Dramas coreanos, chinos, Tailandia, Japones, mira antes que nadie los últimos doramas online en emisión y finalizados en DoramasYt HD.
“A much informative article and I really appreciate this info and willing for the more interesting article like this.
“
Thank you ! Leave your blog address below. Please visit me anytime.
Thank you ! Leave your blog address below. Please visit me anytime.