CSIM Technical Notes

Amabda backup of VMware ESXi host, with ghettoVCB

Backup a virtual machine

On Amanda server

Amanda server is running FreeBSD, syntax bellow depend on FreeBSD.

1. Configure NFS server; in /etc/rc.conf:

   # NFS for VMware backup
   nfs_server_enable="YES"
   nfs_server_flags="-u -t"
   rpcbind_enable="YES"
   rpc_lockd_enable="YES"
   rpc_statd_enable="YES"
   

   in /etc/exports; we will use the directory /virtual for temporary backup of VMware virtual machines:

   /virtual -maproot=0:0 virtual1000.cs.ait.ac.th virtual2000.cs.ait.ac.th virtual3000.cs.ait.ac.th virtual4000.cs.ait.ac.th virtual5000.cs.ait.ac.th
   

   in /etc/hosts.allow (this may be overkill, IP depends on CSIM network):

   # Rpcbind is used for all RPC services; protect your NFS!
   # (IP addresses rather than hostnames *MUST* be used here)
   rpcbind : 192.41.170.0/255.255.255.0 : allow
   rpcbind : 10.41.170.0/255.255.255.0 : allow
   rpcbind : ALL : deny
   
   # Rquota used by NFS
   rpc.rquotad: 192.41.170.0/255.255.255.0 : allow
   rpc.rquotad: 10.41.170.0/255.255.255.0 : allow
   rpc.rquotad: ALL : deny
   
   # Portmapper is used for all RPC services; protect your NFS!
   # (IP addresses rather than hostnames *MUST* be used here)
   portmap : 192.41.170.0/255.255.255.0 : allow
   portmap : 10.41.170.0/255.255.255.0 : allow
   portmap : ALL : deny
   

2. Configure sudo(8); in sudoers (the snapshot is created by root on the ESXi server, the user amanda needs to escalade privileges to remove the snapshot once it has been saved):

   Cmnd_Alias      AMANDA = /bin/rm
   amanda  ALL=(root) NOPASSWD: AMANDA
   

3. Install Perl packages Mail::SendEasy (p5-Mail-SendEasy) and GetOpt::Long (p5-Getopt-Long)
4. Install the script vmware in /usr/local/libexec/amanda/application, make sure it is mode 755.

   Edit the script to reflect the list of ESXi servers.

5. Configure Amanda, in amanda.conf (a specific dumptype calls the script vmware):

   define script vmware {
           plugin "vmware"
           execute-where server
           execute-on pre-dle-backup, post-dle-backup
           }
   
   define dumptype vmware {
           comment "Full dump of VMware virtual machine snapshot"
           auth "bsd"
           index yes
           compress server best
           estimate server
           priority high
           program "GNUTAR"
           allow-split true
           script "vmware"
   }
   

   and disklist (note that the DLE name depends on the name of the virtual machine, spaces in the name need to be properly escaped):

   amanda             /virtual/mybackups/Desktop\ Olivier     vmware  1       disk
   

   ghettoVCB adds the subdirectory mybackups in /virtual; that can be changed in the configuration of ghettoVCB.
6. Generate a SSH key pair, the private key should be saved in .ssh/id_rsa_virtual in the home directory of the user running Amanda.

On ESXi server

1. Install the SSH public key in /etc/ssh/keys-root/authorized-keys.
2. Do not use compression on ghettoVCB: it needs the fukk sixe on the NFS server to first do the snapshot, then it would ocmpress across NFS, that is a waste of resources. Let Amanda do the compression.
3. Use the shutdown option, so hopefully the disks will be sync before they are snapshoted, in ghettoVCB configuration:

   POWER_VM_DOWN_BEFORE_BACKUP=1
   ENABLE_HARD_POWER_OFF=1
   

4. If oak1000.cs.ait.ac.th is already mounted as a normal datastore to the ESXi server, use a ghettoVCB configuration that do not mount NFS; else use the configuration that temporarily mount NFS.

Restore a machine

1. Extract the backup from Amanda backup into the directory used by Amanda NFS server.
2. Mount the NFS storageof Amanda onto the ESXi server; use vSphere Client or the command:

   vim-cmd hostsvc/datastore/nas_create mybackup 3 <mounted_directory> 0 amanda1000.cs.ait.ac.th
   

3. Create a configuration file with: the full pathname to the snapshot directory (the one ending with the date); the datastore full path; 1 (for tick provisionning). For example:

   #"<DIRECTORY or .TGZ>;<DATASTORE_TO_RESTORE_TO>;<DISK_FORMAT_TO_RESTORE>"
   # DISK_FORMATS
   # 1 = zeroedthick
   # 2 = 2gbsparse
   # 3 = thin
   # 4 = eagerzeroedthick
   "/vmfs/volumes/oak1000/mybackups/DNS/DNS-2014-09-15_06-34-31;/vmfs/volumes/datas
   

4. Run the restore:

   /usr/local/ghettoVCB-restore.sh -c <configuration-file> [-d 2]
   

   The option -d 2 is for debug.
5. Umount NFS; either with vSphere client or the command:

   vim-cmd hostsvc/datastore/destroy mybackup
   

6. Remove the snapshot of the machine from Amanda NFS server space.
7. There may be strange questions asked when starting the restored machine, use your gut instincts.