Avamar Data Domain Whitepaper

VCE Word Template Table of Contents

C

EC

2012 VCE Company, LLC. All Rights Reserved.

VBLOCK SYSTEMS BACKUP AND RECOVERY

BEST PRACTICES

July 2012

WHITE PAPER


www.vce.com

2 2012 VCE Company, LLC. All Rights Reserved.

C

EC

Contents

Executive summary ................................................................................................................. 4

Benefits .................................................................................................................................. 4

Objectives ............................................................................................................................... 5

Use cases: backup and recovery ........................................................................................... 5

Audience................................................................................................................................. 5

Feedback ................................................................................................................................ 5

Technology overview ............................................................................................................... 6

Vblock Systems ................................................................................................................... 6

EMC Avamar .......................................................................................................................... 7

EMC Avamar virtual machine image proxy ............................................................................. 7

EMC Avamar file-level recovery proxy .................................................................................... 7

VMware vCenter Server .......................................................................................................... 7

VMware ESXi ......................................................................................................................... 7

VMware VADP ........................................................................................................................ 8

VMware Changed Block Tracking ........................................................................................... 8

VMware VMDK ....................................................................................................................... 8

Data Domain target hardware ................................................................................................. 8

Data Domain Boost ................................................................................................................. 9

Architecture overview .............................................................................................................10

Avamar architecture with Vblock systems ..............................................................................12

Avamar and Data Domain architecture with Vblock systems..................................................13

Avamar architecture and best practices ...............................................................................14

Integration of EMC Avamar with Vblock systems ...................................................................15

Recovery ............................................................................................................................15

Replication ..........................................................................................................................19

Avamar with Data Domain architecture and best practices .................................................20

Integration of Avamar and Data Domain with Vblock systems ...............................................20

Recovery ............................................................................................................................21

Replication ..........................................................................................................................21

Using Avamar/Data Domain centralized control and management .....................................22

Example One: Configure a Data Domain system within the Avamar Administrator interface

..............................................................................................................................................22


C

EC

Example Two: Specify a dataset policy within the Avamar Administrator interface .............27

VCE-recommended solutions for daily data Protection .......................................................30

VCE Vblock Data Protection Cabinets ...................................................................................30

Avamar-only single cabinet .................................................................................................31

Avamar-only multi-cabinet ..................................................................................................32

Avamar and Data Domain 670 single cabinet .....................................................................33

Avamar and Data Domain 890 multi-cabinet .......................................................................34

Avamar and Data Domain 890 multi-cabinet .......................................................................35

VCE-supported configuration rules for Avamar with Vblock systems, and for Avamar and Data

Domain with Vblock systems .................................................................................................37

Conclusion ..............................................................................................................................38

Next Steps .............................................................................................................................38

References ..............................................................................................................................39


C

EC

Executive summary

Most corporate Information Technology departments are tasked with protecting an ever-increasing

volume of business applications and data. At the same time, budgets are not expanding to match this

growth. The only way to meet these business . In a drive for

greater efficiency, the IT industry has moved rapidly toward server virtualization. Having now realized

the benefits of virtualization, the industry has moved to the next step for even greater efficiency:

converged infrastructures such as VCE Vblock Systems.

During the move to server virtualization, early adopters quickly discovered that the use of traditional

backup, recovery, and archiving solutions for daily data protection creates bottlenecks in a virtualized

infrastructure. Those bottlenecks not only extend the required backup window, but they also set a cap

on the number of virtual servers that can exist on each physical server blade.

The EMC Avamar data protection product on VCE Vblock systems directly addresses and resolves

problem in virtual environments. Avamar is extremely effective at delivering

backups in less time, using fewer network resources and fewer virtual server resources than other

options. In addition, it is tightly integrated with VMware. All of this translates into real capital savings

and operational benefits. For these reasons, Avamar is an excellent choice to be used with Vblock

systems.

When used along with EMC Data Domain on Vblock systems, Avamar will, in many scenarios,

expand backup scalability and further lower the cost per terabyte of data backup.

This VCE-recommended backup solution includes two options, along with best practices for each:

An Avamar-only solution on Vblock systems

A highly effective combination of Avamar and Data Domain on Vblock systems

Using the Avamar interfaces and workflows, one can quickly and easily direct enterprise-wide

backups to both of these EMC deduplication platforms, while simplifying the backup management

infrastructure. This combination and

simplicity and efficiency, as well as Vblock systems power and scalability.

This paper highlights the specific features of these integrations, and explains how the integration of

Data Domain systems into the Avamar management framework can enhance the management and

optimization of backup operations without additional management overhead.

Described are the solutions architectures hardware, software, and best practices for each solution, as

well as the cabinet modules offered for these solutions.

This paper also explains how to use the Avamar Administrator management tools to control data

flow, and provides two examples with steps for using Avamar Administrator.

Benefits

The benefits of using the data protection solutions and best practices described in this paper include:

The best of breed compute, networking, storage, and virtualization technologies


C

EC

A fully virtualized environment with the inherent efficiencies and flexibilities of VMware

Elimination of bottlenecks that hamper scaling up

Greater efficiency and cost-effectiveness of the Vblock systems investment

Objectives

This white paper explains best practices and the Avamar Administrator tool use through scenarios

and steps for two options:

1. Avamar-only on Vblock systems

2. Avamar and Data Domain combined on Vblock systems

Use cases: backup and recovery

Avamar is a backup-and-recovery software solution and a backup data target, whereas Data Domain

is a backup data target that requires backup-and-recovery software to function. Together, Avamar and

Data Domain support once-per-day backups and daily movement of a backup copy to an offsite

archive without the risk inherent in transporting physical media. The products have tight integration

with VMware deduplication capabilities, which reduces network I/O requirements, and have modules

that support databases and Microsoft Exchange.

(where the backup data is stored) and the Data Domain target

hardware are both de-duplication technologies, but the way they perform the deduplicated backups is

different. As a result, Avamar and Data Domain targets have different advantages. Rather than having

to choose one type of technology over the other, customers can use a combination of the two types of

targets, resulting in the fastest and most cost effective solution possible.

Audience

This white paper is intended primarily for backup systems administrators and IT administrators who

are responsible for architecting and deploying data protection solutions across the virtualized

enterprise. Knowledge of basic data deduplication concepts is assumed.

Feedback

To suggest documentation changes and provide feedback on this paper, send email to

[email protected]. Include the title of this paper, the name of the topic to which your comment

applies, and your feedback.
mailto:[email protected]


C

EC

Technology overview

This solution uses the following components and technologies:

Vblock Systems

EMC Avamar v6.1

EMC Avamar virtual machine image proxy

EMC Avamar file-level recovery proxy

VMware vCenter Server

VMware ESXi

VMware VMware vStorage API for Data Protection (VADP)

VMware Changed Block Tracking

VMware Virtual Machine Disk (VMDK)

EMC Data Domain target hardware

EMC Data Domain Boost

Vblock Syste ms

Vblock systems are enterprise- and service-provider-class IT infrastructure units that are pre-

engineered, tested, and validated with pre-defined performance, capacity, and availability service

levels. The standardized converged infrastructure of Vblock systems is a foundation block for cloud

computing that helps customers realize the benefits of applications running in a virtualized

environment.

Vblock systems are characterized by:

Repeatable units of construction based on matched performance, operational characteristics,

and discrete requirements of power, space, and cooling

Repeatable design patterns that facilitate rapid deployment, integration, and scalability

An architecture that can be scaled for the highest efficiencies in virtualization and workload

mobility

An extensible management and orchestration model based on industry-standard tools, APIs,

and methods

A design that contains, manages, and mitigates failure scenarios in hardware and software

environments

Vblock systems provide pre-engineered, production-ready (fully tested) virtualized infrastructure

components, including industry-leading technology from Cisco, EMC, and VMware. Vblock systems

are designed and built to satisfy a broad range of customer implementation requirements.

Note: Refer to the Vblock Infrastructure Platform Architecture Overview for detailed information on the

Vblock systems architecture.
http://www.vce.com/pdf/solutions/vce-vblock-infrastructure-reference-architecture.pdf


C

EC

EMC Avamar

EMC Avamar is a deduplication backup-and-recovery software and system solution. It performs

deduplication on the client, which eliminates data from backup streams before it crosses the network.

Client deduplication realizes savings on bandwidth, storage, and backup windows.

vStorage API (in vSphere as deployed in Vblock systems) also provides the ESXi hypervisor

architecture.

EMC Avamar virtual machine image proxy

Avamar image proxy servers are a key element of image-level protection. They are delivered as

vSphere-deployable Open Virtualization Archive (OVA) templates. An OVA template contains a

packaged image proxy virtual machine that includes both VMware and Avamar code for the purpose

of image-level backups and recoveries. This machine is configured with a single CPU and consumes

1 GB of memory. Avamar image proxy machines use the VMware vStorage APIs to mount the virtual

machine files that require protection. The administrator has the flexibility to deploy multiple proxies

based on the operating system environment requirements. Multiple proxy deployments allow

simultaneous backups and recoveries. During the initial deployment, the administrator assigns

separate proxy servers to protect Windows and Linux virtual machines (VM)

EMC Avamar file -level recovery proxy

An Avamar file-level recovery proxy is a VM that allows a single file to be recovered into a VM from a

full image backup. Avamar file-level recovery proxies require a VM that is running Windows Server

2003 SP2. EMC recommends one CPU and 1 GB of memory for this VM. This proxy VM leverages

the Avamar Virtual File System (AvFS) to create a browseable view within a VM

selectable recovery.

VMware vCenter Server

VMware vCenter Server provides a scalable and extensible platform that forms the foundation for

virtualization management. It centrally manages VMware vSphere environments and allows IT

administrators to dramatically improve control over the virtual environment. It manages the ESXi

server, VMs, and user access, and helps provide Avamar with the information it requires. This

information can encompass anything from a simple list of VMs within the environment to the

information needed to configure VMs for backup and recovery.

VMware ESXi

VMware vSphere is the virtualization platform that provides the foundation for the private cloud. The

core VMware vSphere components are the VMware ESXi enterprise hypervisor and VMware vCenter

Server for management. The VMware vSphere ESXi hypervisor runs in the Vblock systems.


C

EC

VMware VADP

VMware VADP produces in-depth details of sizing, deployment, and data flow, providing a total

VMware data protection plan that can be used in conjunction with Avamar on Vblock systems.

VMware Changed Block Tracking

VMware Changed Block Tracking is a VMware feature that helps perform incremental backups.

VMware Data Recovery uses this technology, and so can developers of backup and recovery

software. Avamar leverages this feature for efficient backup of VMware guest servers.

VMware VMDK

VMware VMDK is a file format used for virtual appliances developed for VMware products. The format

is a container for virtual hard disk drives to be used in VMs like VMware Workstation or Virtualbox.

VMDK is an open format.

A VM is a tightly isolated software container that can run its own operating system and applications as

if it were a physical computer. A VM behaves exactly like a physical computer and contains it own

virtual (software-based) CPU, RAM, hard disk, and network interface card (NIC). A VM is composed

entirely of software and contains no hardware components whatsoever. As a result, VMs offer a

number of distinct advantages over physical hardware.

between a VM and a physical machine, nor can applications or other computers on a network. Even

the VM

Data Domain target h ardware

EMC Data Domain is a storage target for deduplicated backup savesets. Data Domain targets

provide:

High-speed deduplication of backup data, with a consistent ingestion rate, regardless of how

well any particular data set will deduplicate. A good example is deduplication of unstructured

data backups. Even though databases do not typically deduplicate very well, a Data Domain

target does not bog down while ingesting and storing the backup.

More backups, and faster completion of backups, which relieves pressure on already tight

backup windows.

Network-efficient replication. Data Domain sends only deduplicated and compressed data

across the network, requiring a fraction of the bandwidth, time, and cost of traditional replication

methods.

End-to-end data integrity. Data Domain and its Data Invulnerability Architecture (DIA) provide

safe and reliable continuous recovery verification, fault detection, and healing.


C

EC

Data Domain Boost

Data Domain Boost significantly increases database backup performance by distributing parts of the

deduplication process to the application clients.


C

EC

Architecture overview

The VCE-recommended backup solution includes two options, along with best practices for each:

Avamar on Vblock systems

Avamar with Data Domain on Vblock systems

Product Definition

Avamar 1 Avamar is backup and recovery software.

2 Avamar is also a hardware platform where deduplicated backup data is stored.

3 It is -based, .

Data Domain 1 Data Domain is a hardware target that deduplicates and stores backup data.

2 Data Domain requires backup and recovery software. Avamar is the VCE-recommended software to use with a Data Domain target.

3 Data Domain performs in-line deduplication (as the data is streaming into the target).

4 Certain Data Domain models are suitable for meeting archival backup requirements.

The Avamar and Data Domain targets have different backup advantages. Which of them is best for a

particular customer situation depends on the backup workload. Where certain low commonality

workloads (data that does not deduplicate well) could bog down an Avamar-only solution, the addition

of Data Domain as a target for storing the backups allows for an integrated solution that takes

With Avamar, client-side deduplication of the data is done right in the server whose data is being

backed up. During the backup, the Avamar deduplication process only sends variable-length blocks

of data that have not previously been backed up to the Avamar target. This process dramatically

reduces the nightly backup load on shared network components within the virtual infrastructure. A

typical server backup runs in minutes instead of hours. Therefore, more backups can be run in parallel

and completed within a given backup window.

Alternatively, Data Domain target-based deduplication requires the files that are being backed up to

flow through shared network components to the backup hardware, where it is deduplicated in-line.

The advantage of Data Domain target-based deduplication is its consistent and predictable ingestion

rate, regardless of whether the data has high commonality, making it easy to deduplicate, or low

commonality, which means there is less to deduplicate. Large databases are the most common

backup workload with low-commonality characteristics.

The architectures for the two solutions are shown in Figures 1 and 2.

EMC Avamar NDMP Accelerator

The EMC Avamar NDMP Accelerator is a dedicated single-node Avamar client. When used as part of

an Avamar system, the accelerator provides a complete backup and recovery solution for supported

EMC VNX IP storage systems by using Network Data Management Protocol (NDMP) to communicate

with the storage devices.

Data from the storage device is not stored on the accelerator. The accelerator performs NDMP

processing and real-time data deduplication, then forwards that data to the Avamar server. The


C

EC

accelerator is a full peer to other Avamar clients (for example, Avamar for Linux Clients, Avamar for

Windows Clients, and so forth) with one exception: whereas the Avamar Administrator graphical

management console can be used to browse the live filesystems of most other clients, it cannot

browse the live filesystem of storage devices; it can only browse to the volume level (Avamar 6.1 and

earlier).


C

EC

Avamar architecture with Vblock systems

The following figure depicts the high-level architecture, configuration, and integration of Avamar on

Vblock systems.

Figure 1. Vblock systems solution with Avamar

In Figure 1, Datacenter 1 has Avamar clients and proxies running on Vblock systems. During nightly

backups the Avamar agents copy the changed variable-length blocks from the Avamar grid and create

a virtual full backup from just the changed variable-length blocks.

To enable data recovery in the event of a site disaster, all data in the Avamar grid in Datacenter 1 is

replicated to an offsite Avamar grid. Not only is transmission fast and efficient, but it is much more

secure than shipping physical tapes to an offsite location.

The Avamar software is used to schedule the backup jobs and to monitor and report on both backup

and Avamar system status.

Also shown in Figure 1 is a single-node Avamar solution backing up the remote location. To protect

the data in the event of a total loss of the remote office, the single-node Avamar replicates its data to

Datacenter 1.


C

EC

Avamar and Data Domain architecture with Vblock systems

The following figure depicts the high-level architecture, configuration, and integration of the combined

Avamar and Data Domain on Vblock systems solution.

Figure 2. Vblock solution with Avamar and Data Domain

In the combined Avamar with Data Domain solution, the backup jobs with low data commonality (large

databases, video files, audio files, and so forth) are routed to the Data Domain device. The metadata

for the backup is stored in the Avamar grid. Backups with high-commonality profiles are targeted to

the Avamar grid. This combined Avamar and Data Domain solution allows the backup administrator

the flexibility to use the best backup target for each backup workload.


C

EC

Avamar architecture and best practices

Avamar is backup-and-recovery software and it is also the hardware where the backup data is stored.

Used with Vblock systems, Avamar data deduplication technology seamlessly integrates and provides

rapid backup and restoration capabilities.

Avamar is integrated with VMware vSphere beginning with version 4.0. VMware has features that

protect VM for Data Protection (VADP). VADP produces in-

depth details of sizing, deployment, and data flow, providing a total VMware data protection plan that

can be used in conjunction with Avamar on Vblock systems.

The two most common recovery requests made to backup administrators are:

File-level recovery: File-level recoveries account for the vast majority of user support requests.

Common actions that require file-level recovery are individual users deleting files, application

recoveries, and batch-process-related erasures.

System recovery: Although complete system recovery requests are less frequent than file-

level requests, this capability is vital to the enterprise. Some common causes for full system

recovery requests are viral infestation, registry corruption, or unidentifiable unrecoverable

issues.

The Avamar integration with VMware delivers capabilities for both backup and recovery for either file-

level recovery or system-level recovery. Integration with vStorage API, virtual proxy server pools, and

changed block tracking allow Avamar to deliver extremely efficient data protection for Vblock systems.

There are several ways to implement the VCE data protection solutions for daily backup.

The most common

recommendations would be:

For specific applications that require it, use the Avamar guest-level agents to backup daily

The Avamar agents ensure application-consistent data recovery.

Perform daily backup of each VMware guest server, also known as VMDK-level backup, using

CBT.

This provides rapid restore capability in the event of a server crash. It also supports single file-

level restore.

The following illustrates how combining both guest-level backup and server-level backup would be a

very smart way to protect a database:

Use the Avamar agent to backup the database once per day

This assures that the database is recoverable. Backing up a database more than once per day

is often not practical.

To speed up fully recovering a database, use the Avamar agent to backup the database log

files several times per day (staying outside of the Avamar daily maintenance windows)

Back up at the server-level the VM that hosts the database.

This assures a rapid restore in the event the server malfunctions.

Proxy server considerations:


C

EC

- In Avamar 6.1 there needs to be one proxy server for backup and recovery

- If single-file Windows recovery is desired, a second proxy server is needed

Integration of EMC Avamar with Vblock systems

Figure 1, in the rchitecture overview section, depicts the high-level architecture of the Vblock

solution with Avamar. See the References section to find information on configuration and setup.

Avamar backup-and-recovery software provides integrated source/global data deduplication. An

Avamar agent on the client system deduplicates the data and then backs it up to an Avamar server,

such as an Avamar data store. Unlike traditional backup software, Avamar deduplicates backup data

before it is transferred across the network and stored to disk. And, Avamar deduplicates data globally

by storing a single instance of each subfile, variable-length data string, or data segment that it

identifies as unique across all of its protected sites and servers. Thus, Avamar enables rapid, daily full

backups even across congested or slow WAN/LAN links and virtual infrastructures.

Avamar is used in this solution not only to store the backup data, but also because its software

provides integration with vCenter to manage, monitor, and configure the backup of the virtual

infrastructure from a single administrative interface.

Avamar image proxy machines use the VMware VADP, and in particular the SCSI hot-add capability,

to mount the VM files that require protection. The administrator has the flexibility to deploy multiple

proxies based on the requirements of the operating system environment. Multiple proxy deployments

allow simultaneous backups and recoveries. During the initial deployment, an administrator assigns a

separate proxy server to protect either Windows or Linux VMs.

Recovery

Avamar file-level recovery proxy

An Avamar file-level recovery proxy is a VM that allows a file, or files, to be recovered into it from a full

image backup. Avamar file-level recovery proxies require a VM that is running Windows Server 2003

SP2, and EMC recommends one CPU and 1 GB of memory for this VM. This VM leverages the AvFS

to create a browseable view within a VM recovery.

Recovery options with Avamar include guest-level recovery and image-level recovery.

Guest-level recovery

The process of guest-level recovery is the same in this solution for VMs as it is for traditional recovery

from a backup application. The administrator has the ability to recover directories, files, and

applications in the Avamar Administrator GUI.

Image-level recovery

There are three options for recovering data from an image-based backup:

Recover to original machine


C

EC

Recover to existing machine

Recover to new virtual machine

The administrator may often choose either Recover to original machine or Recover to existing

machine. However, choosing Recover to new virtual machine gives the administrator the ability to

create a new VM on the fly without having to create it with vCenter first. Recovery to a new VM is

unique to Avamar, as it incorporates a second process to also protect and store the .VMX files needed

to create a new VM container and register it with vSphere.

When recovering a VM to its original location, the Avamar Administrator window displays the source

just as it appears currently within vCenter, and also shows how it will look after a recovery.

To recover to a new VM:

1. In the Avamar Administrator GUI select New Virtual Machine (Figure 3).

2. In the Virtual machine name field specify a name for the new machine.

3. From the Host/Cluster list select the folder location within vCenter for the new virtual machine.

4. Click Next.

Figure 3. Choosing a name and location for the new virtual machine


C

EC

5. Select a Distributed Resource Scheduler (DRS) cluster location for the new VM.

Figure 4. Choosing the DRS cluster for the new VM

Once a host/cluster is selected in the GUI, Avamar queries vCenter and allows the administrator to

select a different VMware data store. The administrator can choose a different destination and a

different device for housing the VM

This recovery method permits the administrator to choose a different storage platform and/or drive

type (to the current source) for the destination of the new VM.

Figure 5. Selecting the VMware data store where each VMDK will reside


C

EC

A

wizard addresses both in one GUI, and it permits a single-step recovery to multiple locations.

Avamar also configures the creation of the container for a VM.

protects the .VMX file of a VM, the configuration container for a VM. If Avamar did not create the

containers as it does, and should a disaster occur, the administrator would have to log on to vCenter

and create all the containers needed before conducting any recoveries. This Avamar capability is

superior to the traditional approach that relied on detailed tracking via spreadsheet listings of the VM-

to-container mappings.

File-level recovery from an image backup

The administrator can do file-level recoveries (FLR) for Windows VMs from the image-based backup.

To do this, Avamar leverages the VMware VM tools along with an Avamar Windows FLR proxy. The

proxy is a Windows 2003 server provided by the administrator, with code provided by Avamar. No

agents are needed within the VM for this recovery type. The key is that Avamar moves no data until

there is a need to recover data, and that no other interface nor client-side software is needed for this

recovery.

The Avamar Administrator console is used to manage and monitor FLR jobs.

When backups are selected for recovery, the FLR proxy server reads the VMDK data from the

Avamar system and creates a browse tree, as shown in Figure 6 in the Avamar Administrator -

Backup and Restore window.

Figure 6. File-level recovery: selecting files and directories to restore.


C

EC

An administrator can recover the data in place, in order to move the data back to its original location. Or, the

administrator can perform an out-of-place recovery, which restores to a different location. As a prerequisite, the

VMware Tools need to be installed on the VM that the administrator would like to restore to. In the following

scenario there is no Avamar agent on the guest level. Therefore, the administrator logs on to that VM and uses

the browse tree for recovery. See Figure 7.

To recover the data to a different VM:

1. Log on to the VM and use the browse tree for recovery

2. Select the VM you want to recover.

3. Navigate the Browse for Folders or Directories window and select a destination for the data.

Figure 7. File-level recovery: browse for out-of-place recovery

Restore requests pass from the Avamar system, through the Windows FLR proxy, to the machine that

is being protected. Recovery speed depends on

to the machine that is the recovery destination. Consequently, large data recoveries by means of the

FLR proxy recovery are unadvisable. An image-level out-of-place recovery is more efficient.

Replication

Replication for Avamar is also managed through the Avamar Administrator console.


C

EC

Avamar with Data D omain architecture and best practices

The combination of Avamar and Data Domain permits deduplication algorithms to operate at both the

client and the storage system levels. From the Avamar Administrator management console, the

administrator can direct a backup data set to target either the Avamar server or the Data Domain

system.

Protection of Vblock systems with the combination of Avamar and Data Domain involves an

understanding of the differences and benefits of client-side deduplication and in-line deduplication.

Client-side deduplication and in-line deduplication trade-offs

A decision whether to deduplicate at the client or at the storage system relates to protecting a growing

amount of data within a certain time objective:

Deduplication at the client offers the benefits of network traffic reduction and back-end storage

optimization.

However, this implementation can be less effective for high-change-rate environments, which

can negate some of its savings in backup time and network bandwidth.

Deduplication in-line at the storage system offers the benefit of massive scale and very rapid

ingestion of data.

However, this implementation is not optimized for network-bandwidth utilization because the full

backup payload must be moved across the network to the storage system before it is

deduplicated.

Integration of Avamar and Data Domain allows some of the deduplication processes normally

run at the storage system to be distributed to a backup server. This can provide some of the

network relief offered by client-side deduplication, while retaining the data ingestion and scale

attributes of deduplication at the storage system.

Today, two challenges that face IT backup administrators are:

Deploying two separate solutions to optimize for varying workloads

Minimizing administrative costs for management of two solutions separately

With the features and implementation details highlighted in the sections below, one can clearly see

how the newly introduced integration of Avamar with Data Domain on Vblock systems addresses

these challenges.

Integration of Avamar and Data Domain with Vblock s yst ems

Figure 2 in the architecture overview section depicts the high-level architecture of the combined

Avamar and Data Domain solution on Vblock systems.

At a high level, starting in Avamar v6.1, the administrator can direct whether specific datasets in an

Avamar backup policy will target an Avamar server or a Data Domain system.


C

EC

When an Avamar data store is the backup target, the Avamar client installed on each host works as a

typical Avamar client that is performing client-side deduplication. It processes and sends capacity-

optimized blocks, and any required metadata, over the WAN/LAN to the Avamar server. This dataflow

is not a change from the well-known implementation in previous versions of Avamar.

When specifying a Data Domain system as the backup target of a particular dataset from within

Avamar Administrator, the same Avamar client leverages Data Domain Boost (DD Boost) software

to redirect this data directly to a Data Domain system. DD Boost extends the optimization capabilities

of Data Domain solutions. It significantly increases performance by distributing parts of the

deduplication process to the backup server, and simplifies disaster recovery procedures.

Rather than performing intensive deduplication processing only on the client, DD Boost transfers the

source data in an efficient transfer method for processing by the Data Domain system.

Besides transferring backup payload data optimally to the Data Domain system, the Avamar client

simultaneously sends the relevant metadata it has generated to the Avamar server for storage. This

metadata allows the Avamar management system to direct the client in performing restore operations

directly from the Data Domain system without going through the Avamar server. This functionality,

implemented within the Avamar client software, is the same DD Boost API and technology that are

supported on many other Data Domain implementations today.

Recovery

The process of data recovery, whether from an Avamar data store or from a Data Domain system, is

completely transparent to the backup administrator. The backup administrator uses the same

recovery processes that are native to previous Avamar versions. The Avamar front end automatically

retrieves datasets that are stored on Data Domain systems. No special retrieval mechanisms or

processes are required.

Replication

As shown in Figure 2 in the architecture section, replication between primary and replica Data Domain

systems is also integrated into the Avamar management feature set. This is controlled by the

replication policy applied to each dataset in Avamar Administrator. All typical Avamar replication

scenarios are supported for datasets targeted to Data Domain. These include:

Many-to-one, one-to-many, cascading replication

Extension of data retention times

Root-to-root replication

Like the recovery process, the replication process normally configured within the Data Domain

platform is automated within the Avamar framework and is transparent to the backup administrator.

This replication functionality requires that a remote Avamar server exists, along with the remote Data

Domain system.


C

EC

Using Avamar/D ata Domain centralized control and

management

This section presents two examples that show how some of the processes highlighted in the previous

sections are controlled from within the Avamar Administrator GUI:

Example One: Configure a Data Domain system within the Avamar Administrator interface

Example Two: Specify a dataset policy within the Avamar Administrator interface

Example One: Configure a Data Domain system within the Avamar

Administrator interface

This example shows the procedure for using the Avamar Administrator GUI to configure a

DataDomain system for use with SQL database backups.

1. Log on to Avamar Administrator.

2. Access the Avamar Administrator main menu.

Here, the administrator can provision either a new or currently deployed Data Domain system

within the Avamar environment, in order to specify it as a backup target when backing up

policy datasets.

3. Click the Server icon to access the Avamar backend system configuration settings, as shown in

Figure 8.

Figure 8: Avamar Administrator main menu


C

EC

4. Select Server Management.

5. Click the icon in the toolbar (Figure 9) to display the Data Domain system configuration dialog

box.

Note: Here, we can provision a Data Domain system for use by the Avamar client. To configure a Data

Domain system within an Avamar environment there is no need to launch the Data Domain Enterprise Manager

GUI or CLI interface.

Figure 9: Specify a target Data Domain system from within Avamar


C

EC

The Add Data Domain System window appears (Figure 10).

Figure 10: Add Data Domain System dialog box: System tab

6. Select System (Figure 10) and enter the system name (or IP address) for the Data Domain

system to be targeted for backup.

7. Enter the DD Boost User Name. It is used for authentication. It specifies for the Avamar

environment the credentials needed to access the Data Domain system and to authenticate the

Avamar clients to write backups to the Data Domain backup target.

The DD Boost account name is created in the Data Domain Enterprise Manager during the setup

of the Data Domain system.

For systems that are already implemented and have the DD Boost license installed, this

authentication account is configured on the Data Domain system. For newly implemented Data

Domain systems with a DD Boost license, reference EMC Data Domain documentation for the

procedure to configure this account.

8. Complete the Max Streams field.

This setting indicates to the Data Domain system the total number of client backup streams

launched simultaneously from Avamar clients managed by this Avamar server. This setting is

especially important in deployments where the Data Domain system is being targeted by backup

applications besides Avamar, such as EMC Networker.

This setting assures that Avamar backup streams do not oversubscribe the Data Domain system

if other backup jobs are being targeted to it within the same backup window.

9. Click Okay.

10. Click SNMP (Figure 11). The Add Data Domain System window appears.


C

EC

11. In the Getter/Setter Port Number field, the default value is usually used.

This number tells the Avamar server the port on the Data Domain system from which to receive

and on which to set SNMP objects.

12. Next, complete the SNMP Community String field.

This indicates to Avamar which community string will allow read/write access to the Data Domain

system from an SNMP perspective.

13. Enter the Trap Port Number.

This indicates the port on the Avamar server that Data Domain will use to send SNMP traps to the

Avamar server. The default number usually does not need to be changed. Refer to the Avamar

server SNMP configuration for the proper settings.

14. Click OK.

Figure 11: Add Data Domain System: SNMP tab


C

EC

15. Click Events (Figure 12).

This window shows all the events that will be passed to Avamar Administrator from the Data

Domain system.

Figure 12: Add Data Domain System: Events tab

16. To complete the provisioning of a Data Domain system for use by Avamar, verify the entries and

click OK.


C

EC

Figure 13: Avamar Administrator: Server Management

The process of provisioning a Data Domain system for use with Avamar is easily and intuitively done.

Repeat this process for multiple Data Domain systems that may be required for a particular

Avamar/Data Domain joint solution. After adding a system, the administrator can return at any time to

the Server window (Figure 13) from the main menu for a quick dashboard view of Data Domain

system statistics such as capacity, DDOS version, and model number.

Example Two : Specify a dataset policy within the Avamar

Administrator interface

This example illustrates the procedure for setting a dataset policy within Avamar. The dataset policy is

needed in order to target backups.

For use in illustrating this procedure we have created a policy dataset named DDSQLDataset for

backup of a production SQL database.

Note: Refer to EMC Avamar Administrator documentation for creating datasets from scratch.

The example re-directs the backups of this dataset from the Avamar Data Store to the Data Domain

system provisioned in Example One.


C

EC

Use the Avamar Administrator policy configuration feature, as shown in Figure 14, to edit the

dataset that is to be retargeted. Click Options on the Edit Dataset window to bring up the

configuration settings in the New Dataset dialog box, as shown in Figure 15.

Figure 14: Avamar Administrator: Edit Dataset window


C

EC

Figure 15: Avamar Administrator - New Dataset dialog box

1. Click the checkbox Use Data Domain system. From the drop-down list, select the Data Domain

system target for this dataset.

The drop-down list shows all the available Data Domain systems. We have pre-provisioned only

one Data Domain system, so there is only one option in the box. If more Data Domain systems

were provisioned then multiple selections would appear.

2. Click OK.

The SQL dataset will be processed by the Avamar Windows SQL plug-in to target its data to the Data

Domain system. Upon the next backup policy execution (either manual or scheduled), the SQL

dataset will be sent to the Data Domain system for deduplication and storage.


C

EC

VCE-recommended s olutions for daily d ata Protection

This section describes the Data Protection Cabinets directly available from VCE. These are VCE

recommended and tested solutions. Supported configuration rules are also provided.

VCE Vblock Data Protection Cabinets

The VCE Vblock Data Protection Cabinets include a variety of implementation choices for the

solutions described in this paper. These solutions have been architected and tested by VCE to

seamlessly integrate into a Vblock system. They are available directly from VCE, delivered in VCE

cabinets. The VCE Data Protection Cabinets contain the scalable solutions and provide the correct

amount of cabinet space for expansion devices.

The Data Protection Cabinets comprise two solution groups: Avamar in a VCE cabinet and Avamar

with Data Domain in a VCE cabinet

Available VCE Vblock Data Protection Cabinets:

Solution type Description

Avamar-only single cabinet Avamar with Vblock systems solution in 1 cabinet (Figure 16)

Avamar-only multi-cabinet Avamar with Vblock systems solution in multiple cabinets. Figure 17 shows an example of 3 single Avamar instances, although 3 cabinets is not a limit.

Avamar and Data Domain 670 single cabinet Avamar and Data Domain 670 with Vblock systems solution in 1 cabinet (Figure 18)

Avamar and Data Domain 890 multi-cabinet Avamar and Data Domain 890 with Vblock systems solution in 2 to 9 cabinets (Figures 19 and 20)


C

EC

Avamar-only single cabinet

The single cabinet Avamar-only VCE Vblock data protection module has 1 cabinet with Avamar

switches, Cisco switches, data nodes and utility nodes with built-in networking, and two external

connection cables to the Vblock systems. The minimum configuration is 3 data nodes and 1 utility

node. Expansion space is provided in the cabinet for up to 14 additional nodes in any combination of

data nodes (up to 13 additional for a 16 total maximum), NDMP accelerator nodes, and/or media

access nodes.

Figure 16. Avamar only single cabinet module


C

EC

Avamar-only multi-cabinet

The Avamar-only multi-cabinet Vblock data protection module provides three times the capabilities of

the Avamar-only single cabinet, as it has 2 additional cabinets each containing the same capabilities.

The module also has three times the expansion capabilities as the Avamar-only single cabinet.

Note: If backing up multiple Vblock systems to a single Avamar and Data Domain Data Protection Cabinet,

each Vblock system must be connected to a group of dedicated uplink ports from the Data Protection Cabinet.

Figure 17. Avamar-only multi- cabinet module


C

EC

Avamar and Data Domain 670 single cabinet

The Avamar and Data Domain 670 single cabinet Vblock data protection module has 1 cabinet with

Avamar switches, Cisco switches, 1 DD670 Head Unit, and 1 ES30 storage shelf. The minimum

configuration comprises 3 data nodes and 1 utility node. It has built-in networking, and 2 external

connection cables to the Vblock systems. It contains 3 expansion spaces providing room for an

additional Head Unit, and an additional storage unit, as well as an additional 10 nodes in any

combination of data nodes, accelerator nodes, and/or media access nodes.



Figure 18. Avamar and Data Domain single-cabinet module


C

EC

Avamar and Data Domain 890 multi-cabinet

The Avamar and Data Domain 890 multi-cabinet Vblock data protection module has 2 cabinets with

inter-cabinet connections that permit the cabinets to be placed at an unlimited distance from each

other within the data center. Cabinet 1 is configured in an identical manner to the single Avamar and

Data Domain cabinet, with the addition of inter-cabinet connections. The interconnected cabinets have

built-in networking, and two external connection cables from cabinet 1 to the Vblock systems. Cabinet

2 contains 1 Data Domain ES30 Drive Shelf, 1 Data Domain 890 Head Unit, and 2U space for a future

Head Unit upgrade. Expansion Space #1 can hold 2 additional ES30 Drive Shelves. Expansion

Space # 2 can also hold up to 9 additional storage trays.



Figure 19. Avamar and Data Domain multi-cabinet module


C

EC

Avamar and Data Domain 890 multi-cabinet

The Vblock Protection Avamar and Data Domain 890 maximum multi-cabinet configuration can have

up to 9 cabinets, with connections from each cabinet directly to Cabinet 1. (No other interconnections

exist among the additional cabinets.)

Cabinet 1 is identical to the Cabinet 1 contained in the first Avamar and DD 890 multi-cabinet

configuration (Figure 19).

Cabinets 2, 3, 4, and 5 in the example (Figure 20) are identical.




C

EC

Figure 20. Avamar and Data Domain multi- cabinet configuration


C

EC

VCE-supported configuration rules for Avamar with Vblock systems,

and for Avamar and Data Domain with Vblock systems

VCE Seamless Support is provided for configurations that adhere to the following rules:

Backup and recovery using only Avamar software and hardware with Vblock systems using

VCE-provided modules

Backup and recovery using Avamar software and hardware, plus Data Domain hardware using

VCE-provided modules

A dedicated Data Protection system for each Vblock system. No sharing is permitted

Current Avamar Gen 4 hardware

Current Avamar V 6.0 software

Vblock systems NAS backup via Avamar Accelerator nodes

Remote office Vblock systems backup with single node Avamar, but only if replicated to Avamar

in a different site

Avamar and Data Domain on Vblock systems in Datacenter 1 must be replicated to Avamar

and Data Domain on Vblock systems in Datacenter 2. Only Vblock systems can be connected

to VCE Avamar and Data Domain backup systems. Connecting any other servers to the VCE

Avamar and Data Domain system voids VCE Seamless Support.

Datacenter 1 and Datacenter 2 are cross-replicating. Only Vblock systems can be connected to

VCE Avamar and Data Domain backup systems. Connecting any other servers to the VCE

Avamar and Data Domain system voids VCE Seamless Support.

A single Vblock system is required per VCE Avamar and Data Domain backup system. Only

Vblock systems can be connected to VCE Avamar and Data Domain backup systems.

Connecting any other servers to the VCE Avamar and Data Domain system voids VCE

Seamless Support.

Virtual desktop backup/restore

Guest-level agent for crash-consistent backups

Virtual machine server image backups using proxies

Virtual machine server image backups using proxies and Change Block Tracking

Avamar Tape-out for archive, if compliant with EMC support rules

Bare metal servers in Vblock systems are supported only where they are fully compliant with

EMC Avamar rules. VCE Support will be limited to Avamar and Vblock systems and does not

extend to operating system issues on bare metal servers.


C

EC

Conclusion

With the integration and control of EMC Data Domain systems within the EMC Avamar client on

Vblock systems, the backup administrator can now eliminate separate backup processes and manage

enterprise-wide backup workloads associated with each dataset from a single management interface.

Furthermore, backups of VMware virtual machines, desktops and laptops, remote offices, NAS

systems, and enterprise applications are all optimized for faster backups, maximum deduplication,

and efficient recoveries.

VCE offers on Vblock systems both Avamar and Data Domain because these data targets have

different advantages. The combination of the two addresses a broader set of data protection

requirements and delivers the most cost effective solution.

There are several ways to implement the VCE data protection solutions for daily backups. The best

possible method depends upon the exact customer requirements. The most common

recommendations are:

Use guest-level backups daily to ensure crash-consistent data recovery. Restoration of

individual files is a far more common occurrence than full server restoration.

Backup the server VMDK once per week, or whenever a virtual machine server has been

updated. This provides rapid restore capability in the event of a server crash.

Using Avamar and Data Domain as described in this white paper is a VCE-recommended solution

because it simplifies data protection AND it is a critical element for getting the maximum return-on-

investment from Vblock systems.

Next Steps

To learn more about this and other solutions, contact a VCE representative or visit www.vce.com.
http://www.vce.com/


C

EC

References

VCE

Vblock Infrastructure Platforms 2010 Vblock Platforms Architecture Overview

EMC

Note: To access this documentation EMC requires that you have registered and have a user id and password.

Contact EMC to set up your user id.

EMC Avamar 6.1 Administration Guide

Data Domain OS 5.1 Administration Guide
http://vce.com/pdf/solutions/vce-vblock-infrastructure-reference-architecture.pdfhttp://powerlink.emc.com/km/live1/en_US/Offering_Technical/Technical_Documentation/300-013-345.pdf?mtcs=ZXZlbnRUeXBlPUttQ2xpY2tDb250ZW50RXZlbnQsZG9jdW1lbnRJZD0wOTAxNDA2NjgwNjYyMmVjLGRvY3VtZW50VHlwZT1wZGYsbmF2ZU5vZGU9MGIwMTQwNjY4MDY2MjM0Zl9Hcmlkhttps://my.datadomain.com/custom-view/doc/appliance/5.1.x/5_1_AdminGd_759-0011-0001.pdf?fsearch=1&query=Data+Domain+OS+Administration+Guide&pagenumber=1&size=10&index=3&filterids=


C

EC

ABOUT VCE

VCE, formed by Cisco and EMC with investments from VMware and Intel, accelerates the adoption of converged infrastructure and

cloud-based computing models that dramatically reduce the cost of IT while improving time to market for our customers. VCE,

through the Vblock system, delivers the industry's only fully integrated and fully virtualized cloud infrastructure system. VCE

solutions are available through an extensive partner network, and cover horizontal applications, vertical industry offerings, and

application development environments, allowing customers to focus on business innovation instead of integrating, validating and

managing IT infrastructure.

For more information, go to www.vce.com.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." VCE MAKES NO REPRESENTATIONS OR WARRANTIES

OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED

WARRANTIES OR MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright 2012 VCE Company, LLC. All rights reserved. Vblock and the VCE logo are registered trademarks or trademarks of VCE Company, LLC, and/or its affiliates in the United States or other countries. All other trademarks used herein are the property of their respective owners.

Documents

Avamar Data Domain Whitepaper