You spend time planning and implementing updates, upgrades and configuration changes to vSphere Environments. Rollback or recovery is usually the last thing on the mind. Did you know there are multiple ways to successfully backup each component in a vSphere Environment? There are also many ways to recover those same components.
In this series we will talk about considerations to backup and restore or rollback your vSphere environment if we have a need to.
When we discuss our vSphere Components, I am talking about the core product.
- Platform Services Controller / vCenter Server
- ESXi Hosts
- VM Compatibility / VM Tools
- Storage (VMFS/VSAN)
- Network (VDS)
The backup and recovery for each component is different. vCenter Server has a native file-based backup, whereas everything else does not have a native backup tool. Below I will provide guidance and considerations when backing up your vSphere Environment.
Prior to starting any changes in your vSphere Environment backups should be taken. Backing up your environment does not necessarily have an order of backups, but if you think about dependencies, I like to backup my environments in the same order as an upgrade is completed.
Each component has different considerations. Is my vCenter Server running 6.0, 6.5 or 6.7? Is it appliance based, or windows based? Am I using features such as vCenter HA or Content Library’s? Those are all very important questions! vCenter Server 6.5 and 6.7 have a native file-based backup, this will include the configuration, inventory and historical data such as tasks, events and performance data. If using vCenter Server for Windows, backup can be accomplished using an image-based backup tool as well as a backup of the database. Features such as vCenter HA are not needed to be backed up, as the server is restored as a standalone node. Features such as Content Library will have all the configuration and metadata restored, but the files contained in a Content Library are stored within the datastore itself, so those are some considerations to think about.
There are also many ways to backup each component, and not just differences like image-based vs file-based. Components can be backed up through the vSphere Client, API, vSphere CLI, ESXCLI, DCLI and PowerCLI.
Platform Services Controller / vCenter Server
When considering backups for the Platform Services Controller or vCenter Server there are a few methods that can be used. If using a Windows based Platform Services Controller or vCenter Server the supported backup process is to take an image based backup of the Machine and a database backup. If utilizing the vCenter Server Appliance on vSphere 6.5 or vSphere 6.7 the recommended backup method is to use the File-Based backup. The file-based backup is not only available in the vCenter Appliance Management Interface (VAMI) but also has an API and DCLI commands.
Performing an online snapshot of your environment is not recommended or supported. If the need arises to snapshot the environment, all nodes in the SSO domain should be powered off. This can be problematic as all nodes within the SSO domain must be shutdown causing a downtime. In the event of a recovery you would not be allowed to recover one node from snapshot, the entire environment would need to be reverted.
ESXi Hosts do not have a native full backup tool like vCenter Server. There are some considerations to think about; Are my hosts stateless or stateful? Am I using Host Profiles?
If your environment is stateless, a backup and recovery is simple. Update the image profile and perform a reboot of the host, during the boot process a new image will be used and the host profile configuration will be applied.
If your environment is stateful there are a couple options for backup. Using vSphere CLI or PowerCLI you can export the configuration of your ESXi Host, whereas if using host profiles, the configuration will be stored along with an answer file on the vCenter Server.
1Get-VMHostFirmware -VMHost ESXi_host_IP_address -BackupConfiguration -DestinationPath output_directory
- vSphere CLI:
1vicfg-cfgbackup --server=ESXi_host_IP_address --username=root -s output_file_name
Virtual Machines: VMware Tools / VM Compatibility
In order recover a VM in the event you encounter issues with a VM Tools or VM Compatibility update—it’s important to make sure you have a snapshot or full backup of your virtual machine. Recovery may not always require this backup, but it’s good to have a point in time to recover.
Storage: VMFS / VSAN
Storage arrays whether they are VSAN, ISCSI, NFS or FC cannot be backed up directly. In this case, we need to protect the workloads on them instead of the storage itself. For rollback the same holds true, in the event we have a need to rollback a version of VMFS or VSAN the exact steps in the next post in the series.
Network: vSphere Distributed Switch
Last but not least, it is important to take a backup of your vSphere Distributed Switch. A vCenter Server backup does include a copy of the VDS, however if you have a need to recover it separately, a backup and export of the switch should be taken.
- Image-Based Backup and Restore of a vCenter Server Environment
- File-Based Backup and Restore of vCenter Server Appliance
- KB2149237: Overview of Backup and Restore options in vCenter Server 6.x
- Video: Talking Code – VCSA File-Based Backup with PowerCLI
- Blog: Automating File-Based Backups of vCenter Server Appliance
- Walkthrough: vCenter Server Appliance 6.7 File-Based Backup
- Walkthrough: vCenter Server Appliance 6.5 File-Based Backup
- DCLI: File-Based Backup
- API: File-Based Backup
- KB2042141: How to back up ESXi host configuration
- Backing Up and Restoring a vSphere Distributed Switch Configuration
- PowerCLI: Export-VDSwitch
As we think about backing up our vSphere Environment it’s good to know that we have options when it comes to backing up each component. It’s also good to understand the dependencies and order when backing up each piece. In the next part in the series we will discuss the rollback or recovery of each component and the considerations for each.
If you have any questions, comments or feedback, feel free to leave them below or reach out on twitter at @davidstamen.