Tuesday 11 September 2012

Software VSS Provider - DPM 2010/2012 Brick Level Backup

Even entry-level SANs today from vendors such as HP, Dell etc. offer hardware VSS software as standard, which is great for brick level backups of your Hyper-V virtual environment.

But what happens if you find yourself using a SAN without H/W snapshots, or your financial director has locked away the key to the stationery room? The dilemma is then whether to go ahead and submit the proposal for the H/W snapshot licenses or use the built-in software VSS provider in Windows.

It is at this stage that you need to undertake a comprehensive review of the perils of using software VSS: the increased demands on your Hyper-V hosts, long backup times and the dreaded redirected I/O in a clustered environment.

Redirected I/O


When backing up CSVs you will need to rethink your VM placement, because low level operations on CSVs in Windows 2008 R2 Hyper-V result in redirected I/O. This process locks the CSV for exclusive access by the CSV owner in order to take a consistent backup. The bad news is that every other host in the cluster will need to read and write data over the cluster communications network rather than the storage network.

When using H/W VSS providers, the time spent in redirected I/O during a backup is limited to the time required to create the hardware snapshot (typically a couple of seconds), but when using a S/W VSS provider redirection will occur for the entire length of the backup. Obviously backing up large numbers of virtual machines during business hours becomes a non-runner; however, S/W VSS can be used to back up VMs as long as you plan your environment to suit the solution.

VM Placement

When planning to use the S/W VSS provider you need to consider a couple of key areas. As mentioned earlier, you want to limit the amount of time you incur redirected I/O, so you should set up protection groups by CSV rather than by logical groupings such as SQL servers. VMs with VHDs on multiple CSVs are also going to be an issue, because when a backup is called every CSV associated with the VM will also go into redirected I/O mode.

Using manual migration or System Center Virtual Machine Manager, you want to get to a point whereby manageable quantities of virtual machines are located for your soon to be built brick level protection groups.

Serialisation - Backup Jobs

Once you have sorted out your CSV / VM placement design, the next stage is to serialise backups by using registry entries and the DSConfig PowerShell script. This process ensures that DPM is made aware of virtual machine placement at a storage level and limits how many VMs DPM can back up at a particular time.

Conclusion...

Once you plan your environment and follow the guidelines outlined (http://technet.microsoft.com/en-us/library/hh757922.aspx), using DPM for brick level backups with the software VSS provider can help you get to a good place with your entire virtual environment ready to restore in a click of a button.

Monday 10 September 2012

Microsoft PKI Update - October Patch Tuesday

Patch Tuesday in October will present a new challenge to IT admins across the globe as Microsoft increase the minimum RSA key length supported by all operating systems going back as far as Windows XP SP3.

The new 1024 bit requirement has the potential to cause large scale issues if certs are not updated to reflect the new security requirements of the O/S. Be warned and read the below advisory in order to keep systems compliant.

Microsoft Customer Advisory : http://support.microsoft.com/kb/2661254
CAPI2 Logging Utility : http://support.microsoft.com/kb/2661254
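
To find affected certificates ahead of the patch, the local machine stores can be inventoried for RSA keys shorter than 1024 bits. The script below is an added example, not code from the Microsoft advisory; the choice of stores (My, CA, Root) and the decision to walk each certificate's chain so that weak issuers are reported too are assumptions, and it needs PowerShell 3.0 or later.

```powershell
# Added example: list certificates whose RSA public key is shorter than the
# 1024-bit minimum. The store list below is an assumption; extend as needed.
$MinBits = 1024
$RsaOid  = '1.2.840.113549.1.1.1'   # OID that identifies an RSA public key

function Get-RsaKeyBits {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    if ($Cert.PublicKey.Oid.Value -ne $RsaOid) { return $null }  # not RSA, skip
    try   { return $Cert.PublicKey.Key.KeySize }
    catch { return $null }   # public key could not be decoded
}

$findings = foreach ($store in 'My', 'CA', 'Root') {
    foreach ($cert in Get-ChildItem -Path "Cert:\LocalMachine\$store") {
        # Build the chain so a weak issuer is reported as well as a weak leaf.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = 'NoCheck'   # key length only, offline
        [void]$chain.Build($cert)   # elements are populated even if Build fails
        foreach ($element in $chain.ChainElements) {
            $bits = Get-RsaKeyBits -Cert $element.Certificate
            if ($null -ne $bits -and $bits -lt $MinBits) {
                [pscustomobject]@{
                    Store      = $store
                    UsedBy     = $cert.Subject
                    WeakCert   = $element.Certificate.Subject
                    Thumbprint = $element.Certificate.Thumbprint
                    KeyBits    = $bits
                    NotAfter   = $element.Certificate.NotAfter
                }
            }
        }
    }
}

# One row per weak certificate, however many chains it appears in.
$findings | Sort-Object -Property Thumbprint -Unique | Format-Table -AutoSize
```

An empty result means no certificate in the scanned stores, or in the chains built from them, uses an RSA key under 1024 bits.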

Wednesday 5 September 2012

The User Profile Service failed the logon. User profile cannot be loaded

During a recent deployment of Windows 7 Enterprise with SCCM I ran into a strange issue after adding the install updates into the task sequence. When the O/S loaded only users with administrative rights who had logged on to the machine previously (i.e. local admin in this case) could log on.

All other users received the following message:

"The User Profile Service service failed the logon"

Microsoft do have a KB on this issue (http://support.microsoft.com/kb/947215), however in my scenario the user profile didn't exist so the fixes did not apply.

Having looked at the logs it became apparent that files within the C:\Users\Default directories had altered security permissions following the Windows updates.

As a workaround I added the following command line task to reset permissions to default on the C:\Users\Default directory.

 
Command : icacls C:\Users\Default\* /reset

Tuesday 4 September 2012

Installing Windows 8 Remote Server Administration Tools (RSAT) on Windows 8 RTM

Windows RSAT tools are obviously a must have set of tools for any systems administrator, allowing you to control all aspects of your core server environment from the comfort of your Windows client.

During the Beta process of Windows 8, Microsoft released a version for the O/S (http://www.microsoft.com/en-ie/download/details.aspx?id=28972). The new RSAT tool provided support for Server 2012 whilst sacrificing support for earlier Hyper-V servers and clusters, something I am sure will be corrected in the full release of the Win 8 RSAT expected later this month.

If you really feel the need to get the BETA RSAT tools installed on the RTM build of Windows 8, you will need to force the installation, as running the MSU from the command line / Explorer will generate an error.

To force the install of Windows 8 RSAT beta simply follow the below procedure.

  1. Download the Windows 8 RSAT MSU in either of its 32bit or 64bit flavours available on the Microsoft Download site (see link above).
  2. Expand the MSU using the following example:
    (64 bit)
    expand -f:* C:\RSAT\MSU\Windows6.2-KB2693643-x64.msu C:\RSAT\EXPANDED

    (32 bit)
    expand -f:* C:\RSAT\MSU\Windows6.2-KB2693643-x86.msu C:\RSAT\EXPANDED
  3. Once the files are expanded you can use the Windows package manager (PKGMGR.exe) to install the update silently.

    pkgmgr /ip /m:C:\RSAT\Expanded\Windows6.2-KB2693643-x64.cab

  4. The package will install silently and will take up to 10 minutes depending on your hardware; you can monitor the PKGMGR.exe process to determine when the update is installed.
  5. Once the update is installed go into Control Panel, Programs and Features and Turn Windows Features on or off. You should notice that the remote administration tools are installed.


UPDATE : RSAT RTM released : http://www.microsoft.com/en-us/download/details.aspx?id=28972