DISASTER RECOVERY 
JOURNAL



By MAX LYDAVINSKY

Virtualization technology presents a classic dilemma for IT departments. On the positive side, virtualization offers clear economic and operational benefits for consolidating servers, supporting legacy applications, and managing pre-production test environments. Yet it also presents a disaster-recovery challenge. Virtualization not only puts many eggs in one basket, magnifying the impact of hardware failures; it also complicates backup and recovery. Using simple back-up techniques on a server that hosts multiple virtual machines isn’t sufficient to ensure that the state of individual virtual machines is fully recoverable. IT managers that are planning to employ virtualization are discovering that they need data protection approaches and disaster recovery plans that handle these realities and afford virtual machines the same safeguards as traditional servers.
These data-protection plans need not be vastly different from those organizations already have in place. Many companies already use imaging technology to protect and restore their file, database, and application servers. These same imaging technologies, in conjunction with agents that run within individual virtual-machine instances, can provide a comprehensive, reliable, and cost-effective data-recovery solution that protects virtual as well as physical servers. This article outlines common virtualization scenarios and best practices for protecting and recovering the critical corporate data present in each.

Virtualization is Coming Around Again
Virtualization technology has many variants. IT veterans will recall that time-sharing, a form of virtualization, has been used since the 1960s to allocate precious mainframe resources amongst different companies or departments. On today’s PC servers, virtualization has been gaining in appeal as IT organizations seek to trim the cost of managing and maintaining large numbers of physical servers. The trend is being fueled by increasingly powerful hardware and a proliferation of capable virtualization products.
PC-server virtualization products implement virtualization by running a virtual server application on top of a “host” operating system to divide the hardware resources of the physical server – CPU, RAM, video, network – into separate and independent “guest” environments. Each guest environment can include one or more virtual hard disks and can run its own operating system and set of applications.
Data centers can realize numerous benefits from virtualization. Instead of being limited to a single operating system on each physical computer, companies can support legacy applications by deploying multiple environments on the same server. Companies can use virtual servers to eliminate costs of managing and upgrading legacy hardware by migrating older applications onto virtual machines running on new, reliable hardware. They can also consolidate low-use departmental servers onto a single physical server to decrease management complexity.
Additionally, virtualization continues to play a key role in pre-production test environments. Software-development and testing groups have long used virtual machines to simplify the creation and re-creation of realistic test environments. Because virtual machine partitions are encapsulated as single files on the host machine, they can be moved and copied easily, which makes them easy to deploy for any given test scenario.
It is in production environments, however, where virtualization makes the disaster-recovery challenges most acute. In production environments, it’s often impractical to power down a virtual machine so that it can be copied wholesale. Production environments are also subject to constant changes – not just data, but applications and operating systems as well, thanks to the need to apply hotfixes and other updates.

Protecting Dynamic Production Environments
Virtual machines used for production purposes, like any production server, contain a constantly changing set of user data, settings, applications, and operating system files that must be protected. Gone are the days when the operating system and applications stayed essentially constant so administrators only needed to worry about protecting user data.
Security concerns, OS patches, anti-virus and malware updates, along with the desire and ability to upgrade features more frequently, have led operating system, security, and application vendors to issue a steady stream of updates. If administrators wish to create data protection strategies that lead to successful and safe restores, they must not only have current versions of user data but also up-to-date images of these dynamic operating systems and applications. Restoring an out-of-date operating system with vulnerabilities during a recovery effort could introduce significant security risks at a time when administrators need a stable foundation.
Some companies attempt to use virtual machines alone for disaster recovery. Since virtual hard disks are typically comprised of a single file holding the operating system, settings, and application stack, administrators might plan to deploy this single file onto a different physical server when disaster recovery becomes necessary. For example, a company might have an alternate data center location with any number of virtual hard disk files that mirror a production server configuration. In the case of any service disruption, the virtual backups can be put into service. Many virtualization vendors even include tools to create virtual hard disk files from a physical disk. The problem with these approaches is that these virtual machine files can quickly become out-of-date and copying new versions requires shutting down the production machine.

Back Up From ‘Inside’ Virtual Machines
A better approach is to apply imaging technologies and products that can protect virtual machines even when they’re running by creating frequent images of the live production data, operating system, and applications.
Two mechanisms for protecting the virtual server are possible in principle. One is to back up the files that comprise the virtual machines from “outside” – that is, from the host operating system. The other is to back up the virtual machines from “inside,” treating each guest VM as a distinct physical server that needs to be backed up independently.
In practice, backing up production virtual machines from outside is insufficient. Because running virtual machines keep state information in memory, simply backing up the virtual hard disks cannot reliably capture the complete state of a running virtual machine. Again, just as with copying virtual hard disk files, it is possible to back up virtual machines when they are not running. But that would mean shutting them down during the back-up cycle – rarely a realistic option in a production environment. Backing up the live environments from within each virtual machine is thus the preferred approach in a production environment.
Specifically, administrators need to use imaging software that can run both on the host and within each virtual machine. Administrators can then back up on demand or schedule backups for the host and each virtual machine as desired, without incurring downtime. One common approach for protecting multiple virtual machines in this manner is to use lightweight distributed agents. One agent runs on each virtual machine; a central management console controls on-demand and scheduled image creation on any virtual machine or physical server with an agent installed.

Imaging is Fast and Efficient
Imaging itself is a fast and efficient alternative to using file-based back-up solutions. By using disk-to-disk techniques along with incremental or differential imaging technologies, administrators can protect the operating system, applications, settings, and data for the host operating system and for each virtual machine in a manner that is faster, more comprehensive, and simpler than traditional file-by-file backup to tape devices. The resulting back-up image can be stored on a separate physical drive attached to the virtual server or on any network-accessible drive. Imaging shares some of the simplicity of virtual machine files in that the image is just a single file that can be moved around easily.
By creating and verifying complete images of live hard disks and partitions, administrators can be certain that all data, settings, applications, and operating system files are protected. In a typical scenario, an administrator might schedule a full image creation for each virtual machine once each week and incremental or differential images daily throughout the week. An administrator can, of course, schedule or launch incremental or differential images or perform backups more or less frequently as required.
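The weekly-full, daily incremental or differential schedule described above determines which images a restore needs and what happens when one of them fails verification. The following is an added example, not code from the article or from any imaging product: the catalog layout, image names, dates and the `last_patch` input (the date the guest was last patched, taken from patch records) are all assumptions made for illustration.

```python
import hashlib
from datetime import date

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Constructed sample: byte strings stand in for image files on the backup drive.
STORE = {
    "full-sun": b"full image of the guest",
    "incr-mon": b"changes since sunday",
    "incr-tue": b"changes since monday",
    "diff-wed": b"all changes since the sunday full",
    "incr-thu": b"changes since wednesday",
}
# Catalog written at backup time: (image id, kind, date taken, recorded SHA-256).
CATALOG = [(name, kind, day, sha256(STORE[name])) for name, kind, day in [
    ("full-sun", "full", date(2024, 6, 2)),
    ("incr-mon", "incr", date(2024, 6, 3)),
    ("incr-tue", "incr", date(2024, 6, 4)),
    ("diff-wed", "diff", date(2024, 6, 5)),
    ("incr-thu", "incr", date(2024, 6, 6)),
]]

def chain_for(catalog, idx):
    """Images needed, oldest first, to restore the state captured at catalog[idx]."""
    chain = []
    while idx >= 0:
        chain.append(catalog[idx])
        kind = catalog[idx][1]
        if kind == "full":
            return chain[::-1]
        idx -= 1                      # an incremental needs the image before it
        if kind == "diff":            # a differential needs only the last full
            while idx >= 0 and catalog[idx][1] != "full":
                idx -= 1
    raise ValueError("no full image precedes this point")

def plan_restore(catalog, store, target, last_patch):
    """Newest point on or before target whose whole chain passes verification.
    Returns (image ids, date restored to, True if that date predates last_patch)."""
    catalog = sorted(catalog, key=lambda entry: entry[2])
    for idx in range(len(catalog) - 1, -1, -1):
        if catalog[idx][2] > target:
            continue
        try:
            chain = chain_for(catalog, idx)
        except ValueError:
            continue
        if all(n in store and sha256(store[n]) == digest for n, _, _, digest in chain):
            as_of = catalog[idx][2]
            return [n for n, *_ in chain], as_of, as_of < last_patch
    return None, None, None
```

When the third return value is true, the restored operating system predates the last patch and needs its updates re-applied before it returns to service.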
Imaging offerings today take different approaches to restoring to dissimilar hardware. The classical approach is to strip out the security identifier (SID) and all information about the network environment. You can think of it as the Microsoft Sysprep approach. This way, once the data is restored to the new hardware, an engineer will still have to reconfigure the system manually in order for it to be recognized on the network.
A more effective way to handle this is to maintain the SID and network domain information when restoring the system. When the system reboots, it will be network-aware and part of its appropriate domain, significantly reducing the amount of downtime and the chance of errors introduced by misconfiguring the network.
But creating an image is only the beginning – restoring images must be simple, fast, and trouble-free. If a data center suffers a catastrophic failure, such as a fire that destroys several mission-critical servers for example, the IT manager will want the best engineers solving that problem. Imaging software that employs an easy-to-use GUI and straightforward restore commands, such as Acronis True Image Enterprise Server, allows the IT manager to have technicians restore physical and virtual servers while the high-level engineers repair the catastrophic failures.

Old and New Threats
Imaging protects companies from unplanned downtime and data loss. Virtual servers are subject to the same variety of loss scenarios as traditional servers, as well as some additional ones that arise from the nature of the virtualization technology. These loss scenarios include:

  • Complete hardware loss due to theft, fire, flooding, or similar disasters;
  • Hard-disk corruption or failure;
  • Compromise of host operating system, whether by virus or similar malware, software failure, intentional hacking, or human error;
  • Compromise of guest operating system, by any of the mechanisms that can compromise the host OS;
  • Human error, including accidental deletion or modification of a virtual machine or virtual hard disk or its files on the host.

Disaster Recovery
With imaging technologies in place, administrators need fast and simple recovery steps when any part of a production virtual machine fails. There are typically a number of recovery options designed to get the production virtual machines running again:

  • For data and non-system partitions within a virtual machine, administrators can recover the partition in minutes using the latest image file for that partition;
  • For individual files within a virtual machine, most imaging products provide a selective file restore feature;
  • For system partitions within a virtual machine, administrators can restore the partition easily using a bootable rescue CD and then pointing to the latest image file;
  • In the case of full system loss, administrators can restore the host operating system and images back to the repaired hardware or new hardware and then restore each running virtual machine as outlined above.

The Future of Virtualization
Virtualization provides major cost and management benefits for corporate data centers. With advances in 64-bit hardware and multi-processor servers and the accompanying increase in CPU power and RAM capacity along with cost-effective clustering solutions, servers will increasingly be capable of supporting larger numbers of virtual machines.
Agent-based imaging technology enables IT managers to provide these virtual machines with the same protection as physical servers, so they can rest assured their data, settings, applications, and operating systems are protected against disaster. By addressing a live production environment where downtime is an expensive option, imaging technologies provide a more realistic protection and disaster recovery approach than simply copying virtual hard disk files. When disaster does hit, having an up-to-date image of the compromised server will ensure a smooth recovery.


Max Lydavinsky is the director of engineering for Acronis, Inc.


 

©Copyright Systems Support Inc. All rights reserved. Reproduction in whole or in part in any form or medium without the express written permission of System Support Inc. is prohibited.