An exciting new feature that VMware has progressively been releasing information on is the VMware vSAN Beta Native Data Protection feature with nextgen snapshots. This has been shed light on at VMWorld 2018 Las Vegas and now at VMWorld 2018 Barcelona. The new native data protection feature is an interesting offering from VMware that is currently in Tech Preview form, not having been released as of yet in a vSAN version thus far. It opens up some interesting questions about how VMware is positioning the technology as well as how it interacts with the already healthy ecosystem of data protection solutions partners that VMware has worked with since the outset. Additionally, the new technology relies on next generation snapshot technology. What is this? How is the new snapshot technology different from what we currently know and understand as snapshots? Let’s take a look at VMware vSAN Beta Native Data Protection Feature with NextGen Snapshots and go a bit deeper into what we know about this, how it is positioned, and how third-party vendors can interact with it.
VMware vSAN and How New Data Protection is Positioned
vSAN is the foundation of VMware HCI solutions today whether it is VXRail, or other solutions. More organizations today are now using vSAN or considering it for running production workloads in their next refresh cycle. VMware vSAN is being utilized in various environments for either production or DR storage. When it comes to backing up vSAN, organizations are using a wide variety of solutions in the vSAN backup and data protection solution ecosystem. Any VADP compatible solution or in other words, one that interacts with vSphere APIs for data protection or “backup APIs” can perform backup and recovery on VMware vSAN. VADP solutions work the same way whether they are on standard vSphere datastores or vSAN. Such familiar vendor solutions as Veeam, Commvault, Rubrik, Druva, Veritas, etc are vendors that make use of these APIs and have been referred to as best-of-breed data protection solutions vetted through a vSAN-specific certification program.
Today there are plenty of choices in the data protection space via a very healthy ecosystem of partners. Why is VMware interested in providing a native data protection? The whole idea is that VMware wants to offer “good enough” data protection that is baked into the vSAN platform for customers that may not already have a backup solution in place or doesn’t need the more in depth features and capabilities provided by third-party vendors. Additionally, having it backed into vSAN natively means backups can be managed natively inside vSphere. This is really the motivation to build this capability into VMware vSAN. Now that we know how the solution is positioned, let’s take a deeper look at the technology itself that is being developed for the native data protection feature with nextgen snapshots.
VMware vSAN Beta Native Data Protection Feature with NextGen Snapshots
The vision for the new data protection solution is to build a snapshot based, policy-driven local and replication protection capability that is:
- Space efficient using native snapshots
- Unified local and remote protection
- Flexible scheduling & retention policies
- Policy-based management
- Native recovery workflows
- Native data protection reduces capex and opex burden of deploying additional products
- Lower RTOs compared to traditional image-based backup
When we think about the traditional VMware based snapshots that we all know and love/hate, they are good for ad hoc use cases, etc. However, they are not built for scalability or performance and in fact, it is never recommended to keep these around long at all. Since traditional snapshots are not suitable for a scalable or performant data protection solution, VMware is building a new snapshot technology from the ground up for the new data protection solution. The new technology is “redirect on write technology” that will give the solution high scalability and performance so this method can be used for data protection. Aside from the new underlying snapshot technology, VMware is developing new storage based policies for vSAN that are specific to data protection.
When we think about true backups, if we are keeping those backups on the same storage as our original production storage, this isn’t really effective as a “backup” if you lose production storage. So, with the new VMware vSAN data protection feature, you will have the ability to take snapshots and send them to a secondary storage target (NFS, object storage either on-prem or in the cloud). Cluster to cluster replication will also be supported.
New Snapshot Technology
Perhaps this is the most interesting component of the vSAN data protection topic – the nextgen snapshot technology. Internally VMware calls it “UPIT” or Universal Point in Time snapshots. It is state of the art when thinking about snapshots. Basically the base disk and all the deltas for the snapshots are all stored within a single logical vSAN object. With the new solution there will no longer be “redo” logs the “delta” disks that are currently created with traditional snapshots. This will give the scalability and performance needed for data protection.
VMware plans to support application consistency with VSS integration for Microsoft and pre and post scripts for Linux. Further RMAN integration and more application agents integration will happen over time. A great feature disclosed is there will be independent control for performing “crash consistent” and “application consistent” backups. Since there is overhead to application consistent backups on your application. So, for instance, you may want to create crash consistent backups every 15 minutes, but maybe only create application consistent backups every hour. The bottom line is you can take different numbers of crash consistent backups when compared to application consistent backups.
The concept of “local data protection” using the local SPBM framework of vSAN means you will be able to specify snapshot frequency for a given virtual machine that are using a particular vSAN policy. For instance you could specify taking snapshots every 5, 10, 15 minutes or whatever your SLA is. You will have the ability to do restores right from vCenter.
Again for true backup functionality, you need the ability to send those snapshots to external storage or storage that is not attached or reliant on the vSphere environment itself for resiliency. As far as retention, the VMware vSAN data protection solution will be able to delete old snapshots as they are rolled out. For now VMware is releasing “count based” retention while adding features such as scheduling later and time based retention.
What features might you not find at least for now in the new VMware vSAN data protection solution? Currently, the initial release of vSAN native data protection will not include the ability to perform file-level restores, only VM level restores. Additionally, for those that already have third-party solutions with the ability to perform application item restores such as Exchange mailbox protection/restores, you may want to stick with your current data protection provider for those capabilities.
A comprehensive Snapshot Catalog will be available to
- View and manage restore points natively in vCenter
- Viewing all available VM restore points
- Validate that RPO SLAs are met in a simple timeline view
- Convenient timeline filtering to simplify monitoring
- Simple right-click recovery from any point-in-time.
Restores will be easy – simple wizard simple and flexible restore workflows. For those familiar with “instant restore” technology that many third-party data protection vendors utilize, VMware vSAN native data protection will allow “instant” restores using Linked clone technology. This will all the restore as linked clone and then promote it to a fully independent VM at a later time if needed.
The new vSAN Beta release that VMware is touting contains some other exciting technology. What is included?
- vSAN Data Protection
- VMware vSAN file services – the ability to have native file services within vSAN.
- Cloud Native Storage – persistent storage for containers
VMware vSAN Beta Native Data Protection Feature with NextGen Snapshots – Coexistence with Third-Party Solutions
How will the new VMware vSAN Data Protection Solution coexist with Third-Party Data Protection solutions?
- All of these features will be available through API access.
- A VM can be protected by a 3rd party Backup solution and vSAN Data Protection
- The VM is protected by a backup agent and a vSAN data protection policy
- Once a VM is protected by a vSAN Data Protection Policy, all VM snapshots for it will be next-gen snapshots
- 3rd party backup solutions will be able to leverage the benefits of next-gen snapshots
VMware continues to innovate with VMware vSAN. The tremendous growth the solution has experience is a testament to the success of the product and its viability in the enterprise. The new VMware vSAN Beta Native Data Protection Feature with NextGen Snapshots will continue to take VMware vSAN to the next level of functionality and included native features found in the solution. VMware has done a great job of making vSAN all inclusive and getting all aspects of your data manageable from within the vSAN management within vSphere. If you are interested in the new VMware vSAN beta release and getting your hands on it to test it in your own environment, you can fill out the form found here: http://www.vmware.com/go/vsan-beta