Going beyond the Veeam Backup, Proxy, and Repository Servers

When most people think of the components that make up a Veeam Backup and Replication infrastructure, the common expectation is that there are three:

  • Veeam Backup Server
  • Proxy Server(s)
  • Repository Server(s)
    • Simple Backup Repository
    • Scale-out Backup Repository

It may surprise you that there are additional components that enable Veeam’s simplicity, reliability and flexibility. I would like share a number of these other components and provide some suggestions on their deployment to ensure that you get the most out of your Veeam implementation.

Microsoft SQL Server:

The Veeam configuration is stored in a Microsoft SQL Server database – known as the Veeam configuration database. (I mean, what else did you think it would be called? 🙂 )

Step 8. Select Microsoft SQL Server

Microsoft SQL Server 2016 SP2 is included with Veeam Backup and Replication v10. It is important to be aware of the limits that the Express version has:

  • Limited to the lesser of 1 socket or 4 cores
  • A maximum of 1.4 GB of RAM
  • Database size can be no larger than 10 GB

Therefore, it is suggested to use a standard or enterprise edition of SQL Server when:

  • You want to use the advanced features of Microsoft SQL Server
  • Protecting more than 500 workloads
  • Using Files to Tape jobs extensively
  • Unable to configure an external staging server (more on the staging server later)

Veeam Backup and Replication Console:

The Veeam Backup and Replication Console is a client-side component that lets to manage, configure, and administer the Veeam infrastructure. By default, the console is installed on the Veeam Backup server, but you can also install it on your local workstation.

The console does not connect directly to the backend SQL Server or any of the other infrastructure components. It connects directly to the Veeam Backup Server service and queries it periodically while the console is open.

The console will automatically be upgraded when the Veeam Backup and Replication server is upgraded. When the console starts, it will communicate with the backup server service and determine that an upgrade is required. The upgraded console version will automatically be downloaded and installed once user confirmation is received.

WAN Accelerator:

When sending data to an offsite location, one of the biggest challenges that you may encounter is the lack of bandwidth. There may be simply more data that you need to copy over in a period of time than the laws of physics will allow.

To overcome these (lack of) bandwidth challenges, Veeam offers WAN acceleration that helps optimize data transfer over a WAN. This is a built-in feature that enables:

  • Global data deduplication
  • Network traffic compression
  • Multi-streaming upload
WAN Accelerators - Veeam Backup Guide for vSphere

And with the release of Veeam Backup and Replication v10, there is also a “High Bandwidth Mode” available for WAN Acceleration. This would be used when connections of 100 Mb/s or greater. “High Bandwidth Mode” will use a quicker compression method, optimized fingerprints / digests and an alternative deduplication algorithm specifically designed for high speed connections.

The result of Veeam WAN Acceleration… a better and higher speed data transfer – regardless of what your WAN connection speed is!

Guest Interaction Proxy

Let’s first answer the question… what is a “Guest Interaction Proxy” and why do I need one?

The guest interaction proxy is used when at least one of the following is configured in the backup job:

  • Application Aware Processing
  • Guest file system indexing
  • Transaction log processing

When the backup job starts and is processing the VM, it will deploy a runtime process in the VM guest OS.

The benefit of identifying additional and / local guest interaction proxies is that it will allow you to spread the load across a number of hosts. In addition, if you are protecting VM’s in a remote site, it will ensure that you minimize the amount of traffic that is transmitted across the WAN connection.

Guest Interaction Proxy

As a best practice, you will want to ensure that the assigned guest interaction proxy is located on the remote site if the job is protecting remote workloads. In addition, having more than one guest interaction proxy will provide redundancy in the event one is offline.

If you would like to configure the guest interaction proxy, simply take a look at a backup job settings under “Guest Processing”:

Mount Server:

The primary focus of the mount server is to reduce the amount of traffic when performing file, application and instant VM recoveries to a remote site. The mount server is also used when performing a Veeam Secure Restore.

When initiating an applicable restore type, Veeam will mount the backed up VM disk(s) to the mount server.

File-Level Restore Scenarios - Veeam Backup Guide for vSphere

Once the disks from the backups are mounted, the applicable Veeam Explorer will be able to navigate and select the applicable files / application items to restore. The same mounting process occurs for a Secure Restore and the applicable Anti-Virus solution(s) will scan the disk(s). That is very important since Veeam is not powering on the VM to run a scan. As the act of powering on a VM may initiate the virus to be enabled.

If your Veeam Backup server is remote to where your backup repository is located, specifying a local mount server (to the repository) will ensure a minimal amount of traffic will be sent across the WAN for the restore process.

Mount Server

As a best practice, you will want to ensure the assigned mount server is as close to the repository (and have network connectivity) as possible. Therefore, be sure to select a mount server that is local to the repository.

If you would like to configure / edit which Mount Server is being used, simply edit an applicable repository:

Gateway Server:

When you deploy a network attached storage (SMB / NFS), Dell EMC DataDomain or HPE StoreOnce repository, each of these do not have ability to run the Veeam Data Mover service. As a result, a connection between the backup proxy and backup repository or between backup repositories can not be established. To enable communication, a Veeam Gateway Server is utilized.

Gateway Server

The Veeam Gateway server will host a Veeam Data Mover service and will then allow communication / data transport between the data mover services.

As a best practice, you will want to ensure the assigned gateway server is as close to the repository (and have network connectivity) as possible. Therefore, if sending data over a WAN, select a gateway server on the target side.

If you would like to configure / edit which Gateway Server is being used, simply edit an applicable repository:

Staging Server:

When you want to fine-tune a SQL Server, Oracle server and SharePoint server, the Veeam Staging Server makes that possible. Think of it as a “helper” for Veeam’s advanced recovery features.

A staging server is required in the following scenarios:

  • Restore or export to a specific transaction
  • Restore or export to a specific point in time
  • Restore or export a database object
  • Restore Microsoft SharePoint item level recovery
  • When using SQL Server Express for the configuration database and the database you are looking to restore exceeds the SQL Server express thresholds (ie: database size)

If you would like to configure / edit which Staging Server is being used, simply open the Veeam Explorer for SQL, Oracle, or SharePoint and go to the “General Options”.

Tape Server

Not only can Veeam send backups to disk, but Veeam also provides the capability to send your backups to tape along with files / shares / NDMP data in your environment. Really making it simple to implement the 3-2-1 rule with your data.

With Veeam Backup and Replication v10, Veeam supports tape drives of LTO-3 and above. The tape drive must have a a driver installed. However, Veeam is able to communicate directly with a tape library via SCSI commands if needed.

Tape Environment - Veeam Backup Guide for vSphere

The tape server will be deployed from the Veeam Backup and Replication console… just like any Veeam component. It can deployed on a dedicated server or directly on the Veeam Backup and Replication Server.

Veeam Backup and Replication is the cornerstone of your data protection strategy. Knowing the different components, how they work, and how to configure them for the best performance will ensure your success!

Unlocking the power of the Veeam External Repository

Over the last 3 years, I had the opportunity to have a front row seat for two major releases of Veeam Availability Suite along with numerous updates. And with over 200+ new features / enhancements combined, one of my favourite innovations is the Veeam External Repository.

The first question you may be asking is… “What is an External Repository?”. Very simply, it is a READ-ONLY repository, managed through Veeam Backup and Replication, which allows you to access backups and data generated using Veeam Backup for AWS and / or Veeam Backup for Microsoft Azure

In the figure below, you can see that Veeam can create native snapshot(s) of your cloud instances along with sending a copy for backup purposes to lower cost object storage.

Once the backups are generated and placed in object storage, the External Repository will be able to leverage those backups for a variety of use cases (keep reading to find out!).

The process to configure a Veeam External Repository is as simple as creating a Backup or Scale-Out Backup Repository. First, initiate the configuration wizard and select the source (AWS or Azure):

Once the steps in the configuration wizard are complete, an “External Repository” option will be available under the “Backup” node in the Veeam Backup and Replication console once it is created.

When selecting the “External Repository”, it will enumerate the policies and backups configured in Veeam Backup for AWS and / or Veeam Backup for Azure. For example, below is a screenshot of policies defined in the Veeam Backup for AWS portal.

And what are the use cases for a Veeam External Repository? Let’s discuss!

Implement the 3-2-1 rule for your cloud based workloads

The External Repository can be used as a source for your backup copy jobs. This means that you have the capability to create additional copies of your cloud workloads and place them into a Backup or Scale-out Backup Repository:

Perform Instant VM Recovery of your cloud based workloads

The ability to instantly recover your on-premises workloads was a feature Veeam pioneered in 2010. Now with the External Repository, this capability has been extended to your cloud based workloads.

Not only will this ensure that your workloads are available to your end users and customers as quickly as possible, but this will also give you the greatest flexibility in workload mobility.

Restore your backups to the original cloud or an alternate cloud

Simply right click on the required workload and then select “Restore to…”

Easy access to restore guest OS files and folders

In addition to be able to restore an entire VM / workload, Veeam also provides the capability to easily access and restore guest files, folders, and volumes in the VM along with application items (SQL, Active Directory, Oracle, Exchange, SharePoint).

As a best practice, if you are sending your traffic across the public Internet and Direct Connect from Amazon or ExpressRoute from Microsoft are not being used, Veeam has a great FREE VPN solution called Veeam PN.

If you are currently or are planning to use Veeam Backup for AWS and / or Veeam Backup for Azure, the External Repository in the Veeam Availability Suite will provide simplicity to data protection and recovery ability along with cloud mobility.