Posts

Ok, so I'm backing up using VMware APIs for Data Protection (VADP) - now which transport mode do I use?

Okay, so you just pulled your shiny "Backup Product  X" out of the shrink wrap or extracted the ISO to your system. You've installed the software onto your backup server and begin to configure a VMware backup job. You get to the part where it asks for your transport method.

What's this? SAN? NBD? NBDSSL? HotAdd? Appliance?

Why don't they speak English (or your local language of choice)?

Easy there. Let's take a step back and lower the printer. You're not in Office Space.

So let's break down the Transport Modes from earlier:

SAN - Storage Area Network. You might be asking yourself "What? I can use my SAN for backups?" Sure, as long as you meet the following criteria:

1) Your Datastores reside on SAN attached storage (come on, that was a lob)
2) You're not using VVOLs or VSAN (Sorry, neither is supported by SAN transport)
3) You aren't backing up VMware Encrypted VMs (not to be confused with OS encryption or storage encryption)
4) Your b…

My journey to vExpert and beyond(part 2)

Alright, so I'll fess up. I've been slacking on my posts. It has been a busy year and I feel I'm just getting my head back above water. Between work and two additional speaking sessions at the Cincinnati and Orlando UserCons, followed up with my VCP6.5-DCV upgrade/renewal, crazy barely describes it.
I'd like to clarify what vExpert is to me. It's neither a certification nor an accreditation. It is an acknowledgement. A tip of the hat as it were. It is recognition of those with valuable knowledge and skills whom instead of hoarding it, share it freely with others to enrich the product, the community and the experience. It is know-how that could be sold, but is instead shared with only the request to "pay it forward" as the only form of compensation.
That is the reason I see value in putting effort into the program, and it's appreciated that program partners choose to reciprocate by granting access to products we may not otherwise get a chance to try o…

When could/should/would I use Guest level (agent based) backups?

I've recently read an article that listed "best practices" and one of the items listed seemed a bit like bad advice. Which one you ask? When it stated you shouldn't perform Guest Level backups of your virtual machines.Why would you ever want to backup from the guest instead of the hypervisor level? There are 4 cases I can think of right off of the top of my head:1) Need to be able to perform granular recovery of files from a filesystem not supported by VADP. While the list of supported file systems is growing, some backup systems still have problems reading metadata from EXT4 and support only LVM2, but even currently filesystems such as BTRFS are still unsupported.2) Backup of Fault Tolerant (FT) clients. Currently FT does not support VMware snapshots, which makes VADP backups a non-starter. Solutions recommended was to disable the FT during the backup and then re-enable it afterwards. To me this seems unnecessarily convoluted and prone to any number of failures. It …

My journey to vExpert and beyond(part 1)

So to start with, I'd like to make it clear that I'm a Backup Admin by profession, NOT a VMware Admin. I have managed VMware systems previously, and am VCP certified on multiple versions but it is not my day-to-day job.I developed an interest in VMware back when I was a tech support engineer for a company and needed a reliable system to allow me to run multiple operating systems for testing purposes. Dual booting with GRUB, while it would work, was not convienent. Enter GSX. This little application, alone with VMware Server met my needs and sparked my curiosity.After a couple of years in support, I eventually moved on to a regular Backup Admin job, which reduced my normal day to day exposure to VMware. I worked in that role for a couple of years, eventually deploying my first VCB deployment, bringing VMware back into my daily operations. Time passes. Job ends. Now I'm in the job market with a very specialized career direction (backups). While job hunting, I decided it was …

NetBackup VM Selection of a powered off VM

Recently ran into an issue with NetBackup while selecting a VM that was powered off. As this was a one off situation I created a new policy and manually selected only the VM. Set other values as expected, but when I ran the backup I received a status 4239 when at the snapshot phase. I attempted to remove and re-add the VM with no luck. I also turned off quiescing, changed transport mode, and modified other settings trying to determine the root cause.

Come to find out, the issue was the result of the "Primary VM identifier". It was set to the default, which was "VM hostname". This requires information provided by VMware Tools, which are not running obviously on a powered down VM.

Selection options available as identifiers are:
VM hostname
VM display name
VM BIOS UUID
VM DNS Name
VM instance UUID

Both the "VM hostname" and "VM DNS Name" require VMware tools to be running. You also don't want to use "VM BIOS UUID" as there can be mult…

Pre-VMUG GNV Update

So I'll admit, I've been slackng. No updates. Been busy with various projects not B&R or virtualization related.Had a failure in my homelab with my synology 1815+ locking up followed by the blinking power light. Synology is repairing it but told me once they receive it then it's a 7-10 business day leadtime. hope its faster. I did receive a few upgrades for my lab once the nas is back.Future plans (at least pre-vmug metting) will be to upgrade my backup systems in my lab and hopefully come up with a decent outline for a backup design virtualization session. Waiting on some community edition products to come out for testing and design considerations. We shall see.And now, onto the meeting!Charles
@whitehattechs

VMworld 2017 and Hurricanes and Future Projects

Wow has it been a busy few weeks. First wore myself out at VMworld. This was an experience. No other way to put it. I've never been bombarded with so many people, vendors, concepts and sessions in one place at the same time. This doesn't even touch on the topic of all the other user organized events (most notably for me would be the vExpert related events).

I want to thank the folks over at Veeam for sponsoring my conference pass. Without their help it would not have been possible for me to attend this amazing conference and meet all the great people I did.

Hurricane Irma hit Florida (my home state) shortly after returning from VMworld, so that kept me busy with preparations and riding out the mix of power outages and consistent internet outages, even being in North Florida where it was a Tropical Storm by time it hit us. This has given me time to begin thinking about my personal projects that I've been kicking around and debating about.

Speaking of projects, I think I'…

It has begun! VMworld 2017!

Ok, so its really like day 2.3 of VMworld. The first two days were over in a flash and I find myself here on Tuesday trying to process all that I've done so far. The whirlwind of sessions, meeting people and viewing booths kept me distracted from how sore I was undoubtedly becoming. Meeting up with Ariel Sanchez and Edgar Sanchez, being introduced to a whole gaggle of other people much smarter than I.... taking sessions that are WAY out of my current league *cough*VSAN*cough*. So far it has been an amazing experience that I hope to repeat next year!I want to shout out to Veeam and Infinio for making my trip possible. Without their sponsorship I wouldn't have been able to attend. It was awesome to meet some of the vCommunity celebrities like  Edward Haletky, Jorge Torres, Mostafa Khalil, Corey Romero and so many more that I could fill a post with just names.I had a "Meet the Experts - Virtual Volumes with Pete Flecha", the "vDocumentation" session with Ariel…

Where are you going? I'm going to VMworld!

Hello! I wanted to take a minute to thank Greg Stuart, @vDestination, Rick Vanover, @RickVanover, Kirsten Stoner (couldn't find a twitter profile), as well as the other nice people over at Veeam, @veeam, as well as Infinio, @Infinio, for making it possible to go to VMworld for the first time! I'm looking forward to meeting everyone I can at VMworld, and to be honest with you, it wouldn't be possible without the support of these great people and vendors!

I fully plan to check out both vendors at the Vendor Showcase and hope I get to learn about both of their products. After VMworld I plan to take my experience and share it with others, as well as possibly finding a way to contribute to the VMware Community, as well as the next VMworld.

Again, thanks Greg for organizing the "Win a trip to VMworld 2017" contest! Hope to see you at VMworld!

Now to begin packing! It's going to be a busy trip! :)

Charles
@whitehattechs

NetBackup 8.0 Certificates for port 8443

So we ran into an issue with our PCI Compliance scan with our NetBackup 8.0 environments. This happened on both the appliance and the standard Unix system install. The issue was related to port 8443 using a certificate in which the subject common name (CN) didn't match the name of the box (usually because it was FQDN).

The appliances started off with the subject being "CN = nb-appliance, OU = NetBackup, O = nb-appliance". This I assume is a factory default setting. The standard install actually had it as "CN = servera, OU = NetBackup, O = servera" where "servera" is a name of the system (I obviously replaced our system name with this for confidentiality reasons).

The process to correct this problem was surprisingly easy, although not publicly documented well. This ONLY replaces the port 8443 certificates. It is as follows (Please only do this while under the supervision of a Veritas Support Engineer):


Log into the appliance via SSH with a privileged ac…