Cohesity – DataPlatform in the Cloud

cohesityWhat separates vendors is focus and execution. In a crowded market, finding the right backup provider is no easy task. While each product has its pros and cons, finding the differentiator can be a daunting task. While Cohesity is relatively new to this space (founded in 2013), they have that focus and execution necessary to be a leader in the backup space.

But Cohesity is more than just backups. The Cohesity storage appliance not only handles your backup storage needs, but can also run your dev and test workloads. Cohesity is focused on your secondary storage needs. That secondary storage consists of any workloads or data that isn’t production. By avoiding the draw of being another primary storage vendor, Cohesity is listening to customers, learning their needs and creating a solution that can fit any size business.

storageiceberg

The Cohesity solution was built for a virtualized (VMware-only) environment. Connecting directly to your vCenter servers and pulling your inventory allowing administrators to create backup jobs and policies. While their start was in virtualization, there are still many physical workloads in the datacenter. Creating agents for physical Windows, Linux, and SQL server all backing up to the same storage system and with the same policies prove no workloads can’t be protected by Cohesity.

But wait, there’s more!

While data protection is important, that’s only a small portion of the Cohesity offering. Running these backups directly from the Cohesity storage arrays allows you to free up primary storage resources and (potential) bottlenecks when running multiple instances of the same VM on a single array. Leveraging the SSDs that come in each Cohesity node as a cache tier, testing software patches and deployments from your backed up production VMs means that your performance doesn’t suffer. And with a built in QoS engine your dev/test workloads don’t have to affect the speed of your backups.

Cohesity provides a scale-out solution, meaning as storage demand increases so can your secondary storage space. Operating under a single namespace, as new nodes are added, your space increases without needing to reconfigure jobs to point to a new array or manually re-striping data. Cohesity has customers that have scaled up to as much as 60 nodes with over a petabyte of storage.

To the cloud!

Policy-based backups and replication ensures that your data will be available. Cohesity has the ability to distribute data across the nodes in a cluster, replicate to clusters in another locations, and also replicate your data to a cloud provider in order to satisfy offsite backup requirements. The latest addition to the Cohesity software portfolio is the DataPlatform Cloud Edition. This gives you the ability to run Cohesity in the cloud.

DataPlatform CE is more than just replicating data to the cloud. Your VMs can be backed up to your on-premises cluster and that data can be replicated to your cloud-based array. From that cloud-based array, you can then clone virtual machines to a native cloud format. This means your servers can be run in the cloud in their native format and available to test or even run in the event of migrations or datacenter outages.

Many backup and data protection software vendors are doing replication to the cloud such as Veeam and Zerto. While the features isn’t new, its addition makes Cohesity a serious contender in this space. DataPlatform CE is available currently in tech preview in the Microsoft Azure Marketplace, but Cohesity hopes to release it in the first half of 2017 with support for Azure as well as AWS.

Wrapping Up

Data protection and availability is never going to be exciting. Swapping tapes and deploying agents is tedious work. A fully integrated software solution that not only protects your data, but also helps solve the problem of data sprawl, a platform for developers to test against production data in an isolated environment and the ability to migrate workloads to the cloud. That’s about as exciting as it gets in data protection and that is just the tip of the (storage) iceberg.

________________________________________

Take a look at posts by my fellow delegates from Tech Field Day 12 and watch the videos here.

First Look at Cohesity Cloud Edition
The Silent Threat of Dark Data
Cohesity Provides All of Your Secondary Storage Needs
Secondary Storage is Cohesity’s Primary Goal

________________________________________

Disclaimer: During Tech Field Day 12, my expenses (flight, hotel, transportation) were paid for by Gestalt IT. Cohesity provided each delegate with a gift bag, but I am under no obligation to write about any of the presented content nor am I compensated for such writing.

Veeam 7.0 Install on Windows 2012

Veeam Backup & Replication is one of my favorite piece of software I get to work with. I’ve been working with B&R since 2010 (v5) and it has always been easy to install, easy to configure, and quick to start taking backups and protecting my environment. And that is just the software, the company itself is even better. Their support forums are full of employees and users that are knowledgeable and quick to help. The best way to describe Veeam is a company that is on your side as an Administrator. They listen to their community, their users, their customers and are developing solutions that make our jobs easier.

The following guide walks you through installing SQL Express, Veeam, connecting to vCenter 5.5 and configuring deduplication for a secondary drive on Windows Server 2012 R2. I have a preference for installing all software to a secondary drive instead of the OS (C:\) drive so this documentation shows how to install each component to that secondary drive in the event you have the same preference as me.

Veeam’s site contains best practices regarding backup types, sizing of your Veeam server, deduplication recommendations, and everything else that goes into the planning of your Veeam Backup & Replication deployment. This guide is more just to show how to configure the components and an example of what I’m seeing for deduplication rates.

 

Prerequisites:
1. Windows Server 2012 R2 patched, joined to domain, with 2 additional drives (one for Veeam to be installed on and the other for backup data)
2. A user or group defined for Veeam administrators (required when doing a standalone SQL Express install in order to use Veeam, the service account used to run veeam must be a member of this group or added as a SQL Administrator in step 8)
3. A domain user account with admin rights to the vCenter server
4. Mount the Veeam B&R ISO
5. Turn off User Account Control (SQL Express install will fail without this)

Install:
1. Open “This PC”, located the Veeam disc, right click and choose “Open”
veeam7061614-step1
2. Browse to “Redistr\x64”, locate and double-click on “SQLEXPR_x64_ENU.exe”
veeam7061614-step2
3. Once the “SQL Server Installation Center” windows appears, click on “New installation or add features to an existing installation”
veeam7061614-step3
4. Accept the license terms and click “Next”
veeam7061614-step4
5. After Setup Support Files are loaded the SQL Server 2008 R2 Setup window will appear. Choose the features you’ll need (just Database Engine Services usually), change the Directories to the secondary drive (D:\ for this writing) and click “Next”
veeam7061614-step5
6. Enter the name of the instance and change the root directory to the secondary drive and click “Next”
veeam7061614-step6
7. You can run the SQL database engine as Network Service, but I prefer running as a named service account. Enter the domain\username, password, and click “Next”
veeam7061614-step7
8. Choose “Mixed Mode” for authentication type. Enter the “sa” password and immediately save it somewhere.
veeam7061614-step8

  • a. For “SQL Server administrators”, only users/groups added here will be able to open and run Veeam. Add all users that will need to access Veeam or create a group.
    veeam7061614-step8a
  • b. Click “Data Directories” tab and ensure all the directories are pointing to the secondary drive and click “Next” (For organization I prefer to create folders for each file, but it isn’t necessary)
    veeam7061614-step8b

9. Choose if you want to send error reports to Microsoft and click “Next”
veeam7061614-step9

  • a. Install will now begin to run

10. Once Installation completes, click “Close”
veeam7061614-step10
11. Navigate back to the root of the disc drive then locate and run “Setup.exe”
veeam7061614-step11
12. Click on install for “Veeam Backup & Replication”
veeam7061614-step12
13. Click “Next” through the initial setup screen
veeam7061614-step13
14. Read and accept the license agreement and click “Next”
veeam7061614-step14
15. If you have a license key add it now, otherwise click “Next”
veeam7061614-step15
16. Choose the program features to install. Click “Browse” button to change the installation to the secondary drive (you will have to make a new Folder name “Veeam” followed by “Backup and Replication” inside of it). Click “OK” then click “Next”
veeam7061614-step16
veeam7061614-step16-2
17. If any of the components that are required show a status of “Failed”, click the “Install” button
veeam7061614-step17

  • a. Once the installation completes the status will change to “Passed” then click “Next”
    veeam7061614-step17a

18. Enter the domain\username and password of the account Veeam will use to access vCenter and click “Next”
veeam7061614-step18

  • a. This user should be a local administrator on the server running Veeam or you’ll receive this message
    veeam7061614-step18a

19. Choose “Use existing instance of SQL Server”, select the Server\Instance and then enter a name for the Veeam database. Click “Next”
veeam7061614-step19

  • a. If the domain\veeam account isn’t in the Veeam Admins group, you will receive the following error that the user account “lacks CREATE ANY DATABASE permission”
    veeam7061614-step19a

20. Note the ports for Backup service and Catalog service and click “Next”
veeam7061614-step20
21. Change the “vPower NFS” directory to the secondary drive by clicking “Browse”, then navigate to the D:\Program Files\Veeam\Backup and Replication” then create a new folder inside named “NfsDatastore” and click “OK”.
veeam7061614-step21

  • a. For Guest file system catalog, click Browse and create a new folder named “VBRCatalog” under the D:\ drive. Click OK then “Next”
    veeam7061614-step21a1
    veeam7061614-step21a2

22. Review the configuration and then click “Install”
veeam7061614-step22
23. Once installation completes, click “Finish”
veeam7061614-step23
24. Now that Veeam is installed, let’s upgrade it to the latest patch. On Veeam’s website, download the latest patch for the version you’re running (Patch 4 for this writing) and copy it out to the server running Veeam.
25. Run the executable for this patch
veeam7061614-step25
26. Click “Next” through the first screen of the patch wizard
veeam7061614-step26
27. Click “Install” to begin the installation
veeam7061614-step27
28. Once the patch is installed, click “Finish”
veeam7061614-step28
29. Now that Veeam is installed and fully patched, locate Veeam Backup & Replication and open
veeam7061614-step29
30. You will receive a message about components that need to be updated (vPower NFS, Transports, Installer, etc). Click the check box next to the server and click “Next”
veeam7061614-step30
31. Click “Finish” once the components have been updated
veeam7061614-step31
32. Click the menu button and then click on “Options”
veeam7061614-step32
33. Click the check box for “Enable e-mail notification” and then enter your SMTP server, from email and to email. Click “OK”
veeam7061614-step33
34. Click on “Virtual Machines” towards the lower-left of the window and click “Add Server”
veeam7061614-step34
35. Click on your Server type (VMware vSphere for this writing)
veeam7061614-step35
36. Enter the name or IP of the vCenter server and click “Next”
veeam7061614-step36
37. For credentials, click “Add” then enter the domain\username and password for the Veeam account used to connect to vCenter. Click “OK” then click “Next”
veeam7061614-step37
38. Once the server has been added, click “Finish”
39. By default, the folder all VM backups are stored in is “C:\backup”. To change this before you create any backup jobs is to click on “Backup Infrastructure” towards the lower left of the window then click on “Backup Repositories”
veeam7061614-step39
40. Click the “Add Repository” button towards the top-left
veeam7061614-step40
41. Name your Backup Repository and click “Next”
veeam7061614-step41
42. Choose the type of repository (Microsoft Windows server) and click “Next”
veeam7061614-step42
43. Click the “Populate” button then select the backup drive and click “Next”
veeam7061614-step43
44. Enter the folder name (I took the default of D:\Backups) and click the populate button to see the capacity and free space of the drive. Limit the max concurrent tasks and/or data ingestion rate and click “Next”
veeam7061614-step44
45. Ensure vPower NFS is enabled and click “Next”
veeam7061614-step45
46. Review the settings and click “Next”
veeam7061614-step46
47. Once it completes, click “Finish”
veeam7061614-step47
48. Once the new repository appears, click the Menu button in the top-left corner and then click “Configuration Backup”
veeam7061614-step48
49. Change the Backup repository to the newly created repository and click “OK”
veeam7061614-step49
50. Right click on the “Default Backup Repository” and click “Remove” and click “Yes” to confirm delete
veeam7061614-step50
51. Now that a new repository is created, we need to enable deduplication on that folder. Open Server Manager, click on “Manage” then choose “Add Roles and Features”
veeam7061614-step51
52. Click “Next” through the “Before you begin” screen
53. Choose “Role-based or feature-based installation” and click “Next”
veeam7061614-step53
54. Choose “Select a server from the server pool” and select the current server then click “Next”
veeam7061614-step54
55. Expand “File and Storage Services”, then “File and iSCSI Services” and then check the box next to “Data Deduplication” and click “Next”
veeam7061614-step55
56. Click “Next” through “Features”
57. Click “Install”
veeam7061614-step57
58. Once installation is complete, click “Close”
59. Back in “Server Manager”, click on “File and Storage Services”
veeam7061614-step59
60. Click on “Volumes”, right-click the drive that we’ll be enabling dedupe for and choose “Configure Data Deduplication”
veeam7061614-step60
61. Set data deduplication from “Disabled” to “General purpose file server”, change “Deduplicate files older than (in days)” to 0.
veeam7061614-step61

  • a. To exclude folders from being deduped on that disk, click the “Add” button, expand the “Z:\” drive, and select each folder to prevent deduplication. In our setup, only backups are going to the Z:\ drive so we’ll skip this
  • b. Click “Set Deduplication Schedule” and then check the box for “Enable throughput optimization”. You will set the schedule for when dedupe runs. This should run when your backups are NOT running. My backups run OUTSIDE business hours, so dedupe should run DURING business hours. Click “OK” when finished and “OK” again
    veeam7061614-step61b

Now that Veeam is setup and connected to vCenter and we have a backup repository created with dedupe enabled, let’s take a look and see what kind of savings we get when we take our backups. One thing to note is that you won’t see much dedupe savings on a single backup file, but on a long backup chain and multiple backup jobs is where the real savings starts to come into play.

I have configured backups of 2 of my Exchange 2013 servers to run every 6 hours and keep 28 restore points (7 days). This backup job is set to “Reverse incremental” and Veeam is performing inline dedupe, compression set to “Optimal” and optimized for “Local target”. My first full backup was 36.3GB. Over the next 3 days, I have taken 12 more backups for a total of 75.1GB.
veeam7061614-veeam1

After dedupe ran over the last 3 days, we see the size as 75.1GB, but Size on disk is only 10.5GB
veeam7061614-veeam2

This is where it gets a little interesting though. In powershell, running the command “Get-DedupStatus” only shows a savings of 14GB. I’m not sure which one is accurate, but even a savings of just 14GB in one backup job is an improvement. Since Windows Server 2012 deduplication runs across all files on a volume, you will see increased savings for every new backup file that’s created for every job that writes to that backup repository.
veeam7061614-veeam3

vCenter Server 5.5 Custom Install

In order to install the 4 components of vCenter (SSO, Web Client, Inventory Service, and vCenter Server) onto a secondary drive on the same Server, you must perform a “Custom Install”. This guide will walk you through the process of installing each of these components as well as SQL 2008 Express to the secondary drive of a Server. This can also be used to install the individual components on separate servers. In total, this is just over 100 steps to walk through so it will take some time.

 

Prerequisites:

1. Create a new virtual machine and add it to the domain
2. Add a second hard disk to install vCenter on
3. Add the update manager and vCenter service domain users as a local admins (vudatemanager, vmwareservice for this writing)
4. Mount the ISO for vCenter 5.5
5. Ensure User Account Control is turned off and the server has been rebooted (SQL will fail without this)

 

Install:

1. Open computer, right click on the VMware VIM disk and choose “Open”
VC051814-step1
2. Navigate to \redist\SQLEXPR and double click “SQLEXPR_x64_ENU”
VC051814-step2
3. After files are extracted, choose “New installation or add features to an existing installation”
VC051814-step3
4. Check the box to accept the license terms and click “Next”
VC051814-step4
5. Uncheck “SQL Server Replication” and change the share feature directories to the “D:\” drive and click “Next”
VC051814-step5
6. Name the Instance and change the instance root directory to the D:\ drive. Click “Next”
VC051814-step6
7. SQL Database Engine can run as Network Service, but I prefer using a named account. Click “Next”
VC051814-step7
8. Click on the “Data Directories” tab to ensure all directories are pointed at the secondary drive
VC051814-step8
9. Click on the “Account Provisioning” tab and change the authentication to “Mixed Mode”. Enter an “sa” password (save it immediately), then add any SQL Admins that are required and click “Next”
VC051814-step9
10. Click “Next” through Error Reporting screen
11. Click “Close” once the installation finishes
12. Click Start, then type “cmd”, right-click on cmd.exe and choose “Run as administrator”
VC051814-step12
13. Ensure your current path is “C:\Windows\system32” and type “sqlcmd.exe -S DEN-vCenter01\VCENTERSQLEXPR” (This is to connect to the instance named “VCENTERSQLEXPR” on the server “DEN-vCenter01” which is the server I am currently connected to)
VC051814-step13
14. Run the following commands pressing “enter” after each line (this will create the vCenter Database, add domain\vmwareservice as a use and db_owner, then add as user and db_owner of the msdb database)
CREATE DATABASE [vCenterDB]
GO
ALTER DATABASE [vCenterDB] SET COMPATIBILITY_LEVEL = 100
GO
ALTER DATABASE [vCenterDB] SET RECOVERY SIMPLE
GO
USE [vCenterDB]
GO
CREATE USER [domain\vmwareservice] FOR LOGIN [domain\vmwareservice]
GO
EXEC sp_addrolemember 'db_owner', 'domain\vmwareservice'
GO
USE msdb
GO
CREATE USER [domain\vmwareservice] FOR LOGIN [domain\vmwareservice]
GO
EXEC sp_addrolemember 'db_owner', 'domain\vmwareservice'
GO

VC051814-step14
15. Type “exit” and then close CMD window
16. Login as the vCenter Service account which should be added as a local administrator
17. Go to start, administrative tools, and chooce “Data Source (ODBC)”
VC051814-step17
18. Click the “System DSN” tab and click “Add”
VC051814-step18
19. Choose “SQL Server Native Client 10.0” and click “Finish”
VC051814-step19
20. Enter a useful name, description and browse for the local Instance
VC051814-step20
21. Choose “With Integrated Windows authentication” and click “Next”
VC051814-step21
22. Change the default database to the newly created vCenterDB and click “Next”
VC051814-step22
23. Click “Finish”
VC051814-step23
24. Click “Test Data Source” to ensure connection then click “OK” and “OK”
VC051814-step24
(Running the vCenter Components install failed when logged in as the VMware Service account for me so the rest of these steps can be performed by another admin account for this server.)
25. Open computer and double-click on the VMware VIM disc
VC051814-step25
26. Click “vCenter Single Sign-On” under “Custom Install” and click “Install”
VC051814-step26
27. Click “Next” for vCenter Single Sign-On
VC051814-step27
28. Accept the license agreement and click “Next”
VC051814-step28
29. Review the SSO information and check the box for “Add [DOMAIN] as a Native Active Directory identity source” and click “Next”
VC051814-step29
30. Choose “vCenter Single Sign-On for your first vCenter Server” and click “Next”
VC051814-step30
31. Enter the password for the local account for SSO (this is not the domain admin or your own account, this is a local account to administer SSO in the event the domain is unavailable). Save the password immediately and click “Next”
VC051814-step31
32. Enter a site name (if needed) and click “Next”
VC051814-step32
33. Note the HTTPS port and click “Next”
VC051814-step33
34. Change the destination folder to the secondary drive (D: for this writing) and click “Next”
VC051814-step34
35. Review the options and click “Install”
VC051814-step35
36. Click “Finish” when it’s done installing
VC051814-step36
37. Now click on “vSphere Web Client” under “Custom Install” and click “Install”
VC051814-step37
38. Choose “English” and click “OK”
VC051814-step38
39. Click “Next”
VC051814-step39
40. Accept the license agreement and click “Next”
VC051814-step40
41. Change the install directory to the “D:\” drive and click “Next”
VC051814-step41
42. Note the web client ports and click “Next”
VC051814-step42
43. Enter the password for the administrator@vsphere.local account and click “Next”
VC051814-step43
44. Click “Yes” for the SSL fingerprint
45. Click “Install certificates” when you see the “Certificate Installation for Secure Connection”
VC051814-step45
46. Click “Install”
VC051814-step46
47. Click “Finish”
VC051814-step47
48. Click “OK” for this message about access time for the Web Client
VC051814-step48
49. Click on “vCenter Inventory Service” under “Custom Install” then click “Install”
VC051814-step49
50. Choose “English” and click “OK”
VC051814-step50
51. Click “Next” to begin the Inventory Service installation
VC051814-step51
52. Accept the license agreement and click “Next”
VC051814-step52
53. Change the install directory to the “D:\” drive and click “Next”
VC051814-step53
54. Ensure the FQDN is correct and click “Next”
VC051814-step54
55. Note the ports and click “Next”
VC051814-step55
56. Select the appropriate Inventory size and click “Next”
VC051814-step56
57. Enter the password for the administrator@vsphere.local account and click “Next”
VC051814-step57
58. Click “Yes” for the SSL fingerprint
59. Click “Install” to begin installation
VC051814-step59
60. Click “Finish” once the installation is complete
VC051814-step60
61. Click “vCenter Server” under “Custom Install” and then click “Install”
VC051814-step61
62. Choose “English” and click “OK”
VC051814-step62
63. Click “Next” to begin installation wizard
VC051814-step63
64. Accept the license agreement and click “Next”
VC051814-step64
65. Enter the license key (if available) and then click “Next”
VC051814-step65
66. Click “Use an existing supported database” and select the ODBC connection created earlier and click “Next”
VC051814-step66
67. Click “Next”
VC051814-step67
68. If the JDBC URL fails, restart the SQL Service (Administrative Tools -> Services and locate “SQL Server (InstanceName)”) on the local server and attempt the connection again
VC051814-step68
69. Enter your password to run the vCenter service (but we’ll change this after creation)
VC051814-step69
70. Select “Create a standalone VMware vCenter Server instance” and click “Next”
VC051814-step70
71. Note the provisioned ports and click “Next”
VC051814-step71
72. Select the appropriate inventory size and click “Next”
VC051814-step72
73. Enter the administrator@vsphere.local SSO password and click “Next”
VC051814-step73
74. Click “yes” for the SSL fingerprint
75. Click “Next” to register administrator@vsphere.local as an Administrator
VC051814-step75
76. Confirm the vCenter Inventory URL and click “Next”
VC051814-step76
77. Change the installation to the “D:\” drive and click “Next”
VC051814-step77
78. Click “Install”
VC051814-step78
79. Once installation completes, click “Finish”
VC051814-step79
80. Click Start, Administrative Tools, then choose “Services”
VC051814-step80
81. Locate “VMware VirtualCenter Server” service, right-click and choose “Properties”
VC051814-step81
82. Click on the “Log On” tab and then click on the “Browse” button
VC051814-step82
83. Change the “Location” to your domain then enter the name of the user account that will run the vCenter Service (vmwareservice for this writing) and click “OK”
VC051814-step83
84. Enter the password for this account and then click “OK”
VC051814-step84
85. Click “OK” to grant log on as a service rights then click “OK” about it not taking affect until a service restart
VC051814-step85
86. Locate the “VMware VirtualCenter Management Webservices” service and change it’s logon account to same account we just used for the VirtualCenter Server service (vmwareservice for this writing)
VC051814-step86
87. Right-click on “VMware VirtualCenter Server” service and choose “Restart”. You will be prompted that the “Vmware VirtualCenter Management Webservices” needs to be restarted as well. Click “Yes” for that prompt
VC051814-step87a
VC051814-step87b
88. After the services restart, open your browser and connect to https:// IPofvCenter:9443/vsphere-client and login as administrator@vsphere.local with the password assigned earlier
89. Once logged in, click on “Administrator” on the left pane
VC051814-step89
90. Click on “Users and Groups” under “Single Sign-On”
VC051814-step90
91. Click the “Groups” tab then click on”Administrators” under “Group Name”
VC051814-step91
92. Click the “Add Member” button under “Group Members”
VC051814-step92
93. Change the Domain to your domain, then search for the Active Directory user or group to be added as an Administrator. Click the user/group then click the “Add” button followed by “OK”
VC051814-step93
94. Click the “Home” button towards the top left corner
VC051814-step94
95. Click on “vCenter”
VC051814-step95
96. Click on “vCenter Servers”
VC051814-step96
97. Click on your vCenter server
VC051814-step97
98. Click the “Manage” tab followed by “Permissions”
VC051814-step98
99. Click the “Add Permission” button
VC051814-step99
100. Click the “Add” button towards the lower left then search for the Active Directory user/group to be added as a vCenter Administrator (ensure the Domain is set to your domain). Click the user/group, then click “Add” followed by “OK”
VC051814-step100
101. Changed “Assigned Role” to “Administrator” from the drop-down and then click “OK”
VC051814-step101

 

At this point your vCenter server is installed and configured with an Administrator account added for SSO as well as vCenter itself. To install the Update Manager service, click here to view the steps to install and configure. Your steps will differ as those instructions are for connecting to a mirrored database for Update Manager, but the rest of the steps are similar. You will just need to provision a database and grant the update manager user account db_owner to msdb and the Update Manager database. This can be done the same way as in step 14, just change the database name and the user name.

To complete the vCenter configuration (create a datacenter, add hosts), click here to open the step-by-step guide and scroll to step 44.

vCenter 5.5 Update Manager Install with SQL Mirroring

When I first started at my current job we were a company with a few standalone SQL Servers. There were development and production instances on both SQL 2005 and 2008. This isn’t a problem, but we lacked any kind of High Availability for these databases. One of the first projects I took on was creating a SQL 2012 Failover Cluster. The setup was relatively painless and it provided us the ability to patch SQL hosts without having to take down any of the applications that depending on it. The drawback was every time I did a cluster failover vCenter Update Manager would stop working and the service needed to be restarted. A minor annoyance, but something that always bothered me.

To alleviate this (and with available SQL licenses), I implemented a new SQL 2012 Mirrored instance and while I was building our brand new ESXi 5.5 environment it was the perfect time to move the vCenter Update Manager database to SQL mirroring. While I don’t have a blog post about how to setup SQL Mirroring (but I do have the process documented), this shows the process of provisioning the databases on the Principle and the Mirror and the commands to mirror the database with automatic failover (with a Witness server). In the future I hope to blog about the setup of SQL Mirroring.

 

Prerequisites:

  1. Have vCenter 5.5 already installed and running
  2. Download the ISO for vCenter 5.5 from VMware which will need to be mounted on the server that will host vCenter Update Manager (VUM).
  3. Have an additional Disk drive added to the destination server hosting Update manager because I prefer leaving the OS drive for the OS and all programs are installed on the secondary data disk.
  4. 3 Servers with SQL installed and configured for mirroring (Principle, Mirror, Witness).
  5. Install the 64-bit SQL 10 Native Client from the SQL 2008 install .ISO (sqlncli.msi) on the server hosting VUM.
  6. A domain user account to run the VUM service and connect to SQL (domain\vupdatemanager for this writing)

 

SQL Mirroring Configuration:

  1. Connect to the principle SQL server (SQLMir-01 for this writing)
  2. Expand Security and Logins. Right click “Logins” and click “New Login”
    DB051314-step2
  3. Enter the login name for the Update Manager Active Directory account, choose “Windows Authentication”
    1. Change the “Default database” to “msdb” and click “OK”
      DB051314-step3a
    2. Click on “User Mapping” and place a check next to “msdb” then under “Database role membership” place a check next to “db_owner”
      DB051314-step3b
  4. Right click on “Databases” and choose “New Database”
    DB051314-step4

    1. Enter the database name
      DB051314-step4a

      1. Click the “…” button next to “Owner” and browse for the login we just created, place a check mark for it and click “OK” and “OK”
        DB051314-step4ai
    2. Click the “Options” link on the left side and ensure that Recovery Model is set to “Full” and Compatibility level is set to “SQL Server 2012 (110)” then click “OK”
      DB051314-step4b
  5. Right click on the newly created database and go to “Tasks” followed by “Back Up”
    DB051314-step5

    1. Name the backup file and note the location of the backup file and click “OK”
      DB051314-step5a
    2. Navigate to that Location and copy the backup
      DB051314-step5b
    3. Paste this file on to the Mirror Server
      DB051314-step5c
  6. Connect to the Mirror SQL Server (SQLMir-02 for this writing) and create the Update Manager account just like in Step 3 on that server as well (Do not create the database)
  7. Right click on “Databases” and choose “Restore Database”
    DB051314-step7

    1. Click “Device” for the source, then click the “…” button, click the “Add” button and it locate the .BAK file. Click on it and click “OK”, then “OK” again.
      DB051314-step7a
    2. Click the “Options” link on the left side and change “Recovery state” to “RESTORE WITH NORECOVERY” then click “OK”
      DB051314-step7b
  8. On the Mirror SQL server (SQLMir-02), click on “New Query” and run the following command: (This is creating the connection for the Mirror to allow mirroring from the Principle)
    DB051314-step8

    1. ALTER DATABASE vCenterUpdateManager
      SET PARTNER = 'TCP://SQLMIR01-Mirror.domain.com:5022'
  9. Back on the primary SQL server, click on “New Query” and run the following commands:
    1. ALTER DATABASE vCenterUpdateManager
      SET PARTNER = 'TCP://SQLMIR01-Mirror.domain.com:5022'
      GO
      ALTER DATABASE vCenterUpdateManager
      SET WITNESS = 'TCP://SQLWIT01-Mirror.domain.com:5022'

The SQL Servers (Principle, Mirror, Witness) have multiple network connections (Production, Mirror, and Backup). A DNS entry was created for their Mirror network IPs to allow them to communicate over a non-routable network to minimize latency. Mirroring would work if I set the string to “TCP://SQLMir-01.domain.com:5022” if a private network isn’t available.

 

vCenter Update Manager Install/Config:

  1. Login to the server as the user account that will connecting to vCenter/update manager database (domain\vupdatemanager for this writing)
  2. Create a 32bit ODBC connection to the SQL database
    a. Navigate to C:\Windows\SysWOW64 and open “odbcad32.exe”
    VUM051314-step2a
    b. Click the “System DSN” tab then click the “Add” button
    VUM051314-step2b
    c. Scroll to the bottom and choose “SQL Server Native Client 10.0” and click “Finish”
    VUM051314-step2c
    d. Enter the name of the connection and find the SQL Server\Instance and click “Next”
    VUM051314-step2d
    e. Choose “With Integrated Windows authentication” and click “Next”
    f. Change the default database to the Update Manager Database then set the Mirror Server as the SQL Server Name\Instance. Click “Next”
    VUM051314-step2f
    g. Click “Finish” then click “Test Data Source”. If test is successful, click “OK” then “OK” again and again
    VUM051314-step2g
  3. After the ISO has been mounted on the virtual machine, open “Computer” and open the CD
  4. If the installer doesn’t automatically open, locate the “autorun” application and double-click it.
  5. At the installer screen, choose “vSphere Update Manager” under the “VMware vCenter Support Tools” section. Then click “Install”
    VUM051314-step5
    a. Choose the appropriate language and click “OK”
    b. Click “Next” to begin the install process
    c. Accept the license agreement and click “Next”
    d. Leave the box for “Download updates from default sources” checked and click “Next”
    VUM051314-step5d
    e. Enter the FQDN or IP of the vCenter server to be connected to as well as the username/password for the account you’re currently logged in as (I’ve made this account an Administrator in vCenter at the Datacenter level)
    VUM051314-step5ei
    f. Choose “Use an existing supported database” and then choose the DSN connection created in step 2 and click “Next”
    VUM051314-step5f
    g. Click “Next” to confirm the database information and click “OK” to ignore the warning about Full recovery
    h. Choose the IP address and note the ports being used then click “Next”
    VUM051314-step5h
    i. Change the Install directory from C: to D: and then click “Next”
    VUM051314-step5i
    j. Click “Install”
    k. Click “Finish”
  6. After installation completes, press the Start button, Administrative Tools, then Services
    VUM051314-step6
    a. Locate the “VMware vSphere Update Manager Service”, right click and choose “Properties”
    VUM051314-step6a
    b. Click the “Log On” tab and click the “This account” button then enter the login information for the domain account used for update manager then click “Apply”
    VUM051314-step6b
    c. Click “OK” for the dialog box about granting log on as a service rights
    d. After the new service account has been applied, click the “General” tab then click the “Stop” button. Once the service has stopped, hit the “Start” button. Then click “OK”
  7. Open up the vSphere client (not the web interface) and login to the vCenter server
    a. Click the “Home” button
    VUM051314-step7a
    b. Click the “Update Manager” button under “Solutions and Applications”
    VUM051314-step7b
    c. Click on the “Baselines and Groups” tab
    VUM051314-step7c
    d. Click the “Create” link towards the top right corner under “Compliance View”
    VUM051314-step7d
    e. Select “Host Baseline Group” and give it a name (“All Patches” for this example). Click “Next”
    VUM051314-step7e
    f. Click “Next” through “Upgrades” page
    g. Select both Critical and Non-critical patches and click “Next”
    VUM051314-step7g
    h. Click “Next” through the “Extensions” page
    i. Review the settings and click “Finish”
    VUM051314-step7i
  8. Click the “Home” button again then choose “Hosts and Clusters”
    VUM051314-step8
    a. (For this writing, we’ll attach the baseline group to the Datacenter, but I usually apply this at the cluster level)
    b. Click on the Datacenter then click on the “Update Manager” tab
    VUM051314-step8b
    c. Click the “Attach” link towards the top right corner
    VUM051314-step8c
    d. Under “Baseline Groups” choose the name of the Baseline group created and click “Attach”
    VUM051314-step8d
    e. Once attached, all the Hosts will display under “All Groups and Independent Baselines”. Click the “scan” button towards the top right corner
    VUM051314-step8e
    f. Click the “Scan” button on the pop up box
    VUM051314-step8f
    g. Once scanning is completed, click the “Stage” button towards the bottom right corner
    VUM051314-step8g
    h. Ensure both Critical and Non-critical patches are selected as well as the host and click “Next”
    VUM051314-step8h
    i. Click “Next” after reviewing the patches to be applied
    VUM051314-step8i
    j. Then click “Finish” (All patches that can be staged will be placed on the host, some that can’t be staged will be loaded once you choose “Remediate”)
    k. Once staged, click the “Remediate” button towards the bottom right corner
    l. Click the baseline group created earlier then click “Next”
    VUM051314-step8l
    m. Review the patches and click “Next”
    VUM051314-step8m
    n. Choose “Immediately” for the remediation time and click “Next”
    VUM051314-step8n
    o. Choose your VM power state options (In a multi-host cluster choosing “Do Not Change VM Power State” will cause VMs to be vMotioned to another host when entering maintenance mode)
    VUM051314-step8o
    p. Click Finish (This will cause the Host to enter maintenance mode, apply patches, and reboot if necessary)
  9. After the host finishes rebooting we’ll see the new build number
    VUM051314-step9

Applying baselines at the cluster level will help to ensure all your hosts are running the same builds/patches and help prevent version mismatch issues. I prefer to created one baseline for all my hosts that includes any required extensions. In my environment we run NetApp storage which requires a host component to take advantage of VAAI. By adding this into my required patching I make sure all my hosts are able to take advantage of this.