Finding the Needle.txt in the NetApp Haystack

On a recent business trip, my Account Executive and I made a pit stop at the local NetApp office. Our purpose was to discuss our current product offerings and see how Catalogic Software’s products can integrate with NetApp and enhance its stickiness in customer environments. As great as NetApp storage is, there are always gaps that need to be filled, and as we talked, one such gap became clear. NetApp is known for its snapshot capabilities: you can apply snapshot schedules, replicate to a SnapVault or SnapMirror destination, even push to an AltaVault location. However, as you build out this architecture, it becomes exceedingly difficult to know what data lives where, and in which snapshots.

This issue usually presents itself when IT admins receive a simple request: “I lost one of my files; it must have been deleted accidentally and I need it back.” Maybe the user accidentally deleted the file, overwrote a previous version by mistake, or moved the file to the wrong sub-directory without realizing it. Sounds easy enough, but for IT admins this common request can lead to major headaches and hours of lost time, because finding the file is like searching for a needle in a haystack. If you are making full use of NetApp’s snapshot capabilities, you know you have multiple versions of that file in your snapshots, but there is no easy way to find it: there is no central catalog that lets you search for and restore specific files. The admin ends up spending hours manually digging through snapshot directories for the missing file. Sometimes organizations simply deny the restore request because they don’t have the time to go looking.

As you can imagine, this problem worries many admins. Maybe it even worries them enough to start considering alternatives to NetApp that do a better job here. That is why, as we discussed the topic in the local NetApp office, the sales reps grew visibly excited when we brought up our RestoreManager product.

RestoreManager is a virtual appliance that communicates directly with your NetApp cluster(s) and, using NetApp’s SnapDiff APIs, lets you easily locate and recover files on NetApp storage copies. Using what we call a Crawler, RestoreManager collects the SnapDiff API information and builds from it an online central catalog of the metadata for your primary and/or secondary NetApp systems. This means we also index your SnapMirror and SnapVault destination volumes. Because all of that information is stored locally in an Elasticsearch database, you can search through snapshots using multiple filters and wildcards, and when you find the file(s) or folder(s), you drive the restore right from within RestoreManager. The Elasticsearch database also makes RestoreManager highly scalable for large NetApp file environments.
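
Conceptually, the Crawler’s job can be sketched in a few lines of Python. To be clear, this is not RestoreManager’s actual code: the snapdiff_changes helper is a stand-in for NetApp’s SnapDiff iterator calls, and the index name and document fields are made up for illustration.

    import requests

    ES_URL = "http://localhost:9200/netapp-files"  # hypothetical catalog index

    def snapdiff_changes(volume, base_snap, new_snap):
        # Stand-in for the SnapDiff iterator; a real crawler would page
        # through the API's diff results. Sample data keeps this runnable.
        yield {"path": "/projects/plan.xls", "size": 52224, "type": "modified"}
        yield {"path": "/users/needle.txt", "size": 1024, "type": "deleted"}

    def crawl(volume, base_snap, new_snap):
        # Index one document per changed file so it becomes searchable.
        for change in snapdiff_changes(volume, base_snap, new_snap):
            doc = {
                "volume": volume,
                "snapshot": new_snap,
                "path": change["path"],
                "size": change["size"],
                "change_type": change["type"],  # created / modified / deleted
            }
            requests.post(f"{ES_URL}/_doc", json=doc, timeout=30)

    crawl("vol0", "nightly.1", "nightly.0")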

Once you search for and identify the specific file you need, you simply select it and click the “Restore File” button. You can then restore the file from any snapshot that contains it. Say, for example, you accidentally overwrote a file without realizing it, several days went by, and your snapshot schedule ran through a few cycles. With RestoreManager, you can restore the file from a snapshot taken before the inadvertent overwrite occurred.

The added benefit of the SnapDiff metadata collection is that all file and snapshot information is included in the crawl. This lets end users apply filters for more targeted searches, as sketched after the list below. Possible filters include:

  • By file name, part of the name, or file path, with wildcards permitted
  • By file type or extension: jpg, xls, doc, ppt, etc.
  • By deletion period
  • By creation period
  • By file size
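
As a rough illustration of what such a filtered search might look like against the Elasticsearch catalog (the index and field names here are assumptions, not RestoreManager’s actual schema):

    import requests

    ES_URL = "http://localhost:9200/netapp-files/_search"  # illustrative index

    # Wildcard match on the file name plus three narrowing filters:
    # extension, maximum size, and how recently the snapshot was taken.
    query = {
        "query": {
            "bool": {
                "must": [{"wildcard": {"path": "*needle*"}}],
                "filter": [
                    {"term": {"extension": "txt"}},
                    {"range": {"size": {"lte": 1048576}}},        # <= 1 MB
                    {"range": {"snapshot_time": {"gte": "now-30d"}}},
                ],
            }
        }
    }

    hits = requests.get(ES_URL, json=query, timeout=30).json()["hits"]["hits"]
    for hit in hits:
        print(hit["_source"]["snapshot"], hit["_source"]["path"])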

The basic search capability is great, but in large NetApp environments these filters let you narrow the search and more easily find the specific file you are looking for. The extensive catalog also lets RestoreManager provide additional data analytics and reporting capabilities in the Kibana Dashboards module; analytics and reporting will be covered in an upcoming post.

Using RestoreManager in conjunction with Catalogic Software’s DPX backup product gives you a complete file recovery solution. Because of its local, online catalog, RestoreManager is perfect for short-term retention and operational recovery, including all the examples described earlier. But perhaps your organization would like to offload data to tape or to the cloud for long-term retention. That data no longer lives on NetApp storage and therefore cannot be restored using RestoreManager. That is where DPX comes in. Using scheduled, managed NDMP backups of your NetApp filer, DPX can push your data to tape or to the cloud and then provide a searchable file index with single-file restore capabilities. This is particularly useful for data compliance or legal situations such as an audit. See the example below:

Figure: DPX pushes data from the NetApp filer to tape or the cloud via scheduled, managed NDMP backups.

You will be glad to know that licensing for RestoreManager is simple and affordable. It is priced per controller node and tiered by NetApp system size; it does not matter how much data you store, how many users you have, or how many files there are. Licensing is subscription-based, priced per month with a minimum 12-month purchase, and can be extended month by month beyond the first year. If you are interested in learning more about RestoreManager, visit our RestoreManager web page.

If you would like to see RestoreManager in action, watch a pre-recorded product demonstration. Or even better, contact us for a one-on-one demo with one of our product experts. You can even download a trial copy and test it for yourself.

Stop spending hours manually searching through all of your snapshots just to find that single file that someone accidentally deleted! Instead, reach out to Catalogic Software and allow RestoreManager to search for that needle in a haystack for you.

08/19/2019

IT automation with Catalogic ECX, vRealize Orchestrator, Pure Storage and NetApp

It seems that everywhere you turn, automation is becoming the standard for most operations within the datacenter. Processes that were once tedious and error-prone can easily be scripted, repeated, and automated through companies’ own service portals and other home-grown tools.

Scenarios where individual users can submit a help desk ticket for requested infrastructure (e.g., refreshing a database copy or provisioning a server or application) and have that request serviced end-to-end without any human intervention give organizations the flexibility to remain as agile in the datacenter as in the cloud, without consuming IT cycles or overhead to perform these tasks.

Evaluating technology to fit the needs of your organization requires going beyond testing functionality alone to considering the integration points for using the tool. Some software applications provide only a graphical user interface (GUI) or the ability to drive the application through a command line interface (CLI). Others, like Catalogic Software ECX, also provide application programming interfaces (APIs) that let users customize and extend the capabilities of the application using their own tool sets.

Catalogic has several organizations taking advantage of this application framework to automate tasks and realize the simplicity that comes with “systems running systems.” As an example, one company has wired automation into its change request system to refresh Oracle database copies on Pure Storage FlashArray systems. An end user submits a change request ticket through the Help Desk portal identifying several variables, such as:

  1. The date/time of the Oracle data set they need
  2. The database server target for the database instance
  3. The new name of the temporary database
  4. The length of time the provisioned DB copy should remain up and running

These variables are then passed to Catalogic ECX, which runs a new restore job using those parameters and a second workflow to tear down the copy once the expiration date is reached. Catalogic integrates with Pure Storage copy operations, so no outside storage repository is required, and the user gets the benefit of Pure’s extraordinary performance and scalability.
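
To make the hand-off concrete, here is a minimal sketch of what passing those ticket variables to ECX over REST might look like. The endpoint path and payload field names are hypothetical; the real schema is defined by ECX’s published API.

    import requests

    ECX = "https://ecx.example.com:8443"  # hypothetical appliance address

    # Variables lifted from the change request ticket (example values).
    ticket = {
        "recoveryPoint": "2019-08-12T02:00:00Z",  # date/time of the data set
        "targetServer": "oradev07.example.com",   # database server target
        "databaseName": "ORCL_QA_COPY",           # name of the temporary DB
        "expiresInDays": 14,                      # teardown deadline
    }

    # Submit the restore job; a second, scheduled workflow would tear the
    # copy down after the expiration date passes.
    resp = requests.post(f"{ECX}/api/jobs/oracle-restore", json=ticket,
                         verify=False)  # lab sketch; use real certs in prod
    resp.raise_for_status()
    print("Restore job submitted:", resp.json().get("jobId"))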

A large corporation and Catalogic Software customer has taken automation to the next level in building out its new “next-generation” datacenters. This customer uses vRealize Automation (vRA) and vRealize Orchestrator (vRO) in conjunction with ECX to deploy and protect the environment with the click of a button. A simplified version of the workflow looks something like this:

Figure 1 Basic workflow of deploying a new server and assigning a backup policy to it

When a server is decommissioned, the workflow invokes destructors in reverse order: it cleans up the storage snapshots and replicas, deletes the protection policies, and removes all the other objects and methods supporting that server in order to free up the space associated with it.

Each of those tasks can be broken down further into subtasks, which have their own subtasks, and so on. You can see how something as simple as deploying a server becomes fairly complex very quickly when designing automated workflows that bring in all the other needed components.

But before your head starts to spin: designing a workflow schema with vRO is simply a matter of breaking a complex task down into a series of subtasks, each of which can be represented as a reusable widget or function within your orchestration tool.

Scripting the logic for how these subtasks are created may require input from several administrative roles, such as storage, application, virtualization, and general system administrators. However, when using ECX, much of that logic is taken care of for you by the REST API framework ECX was built upon, along with ECX’s native database and VMware awareness.

vRealize Orchestrator (vRO)

While there are several orchestration tools available today, customers looking for tight integration with VMware often rely on the vRealize tools. vRealize Orchestrator is a workflow visualization tool developed by VMware, touted by some in the community as the most powerful tool available that few people know about or use. Because it comes from VMware, vRO understands the nuances of VM-specific object definitions and can instantiate object types like VMs, datastores, and networks through a simple function call, without invoking CLI commands through a VMware client.

Customers choose to leverage vRO when working closely with VMware to deploy virtualized guests quickly, efficiently, and with minimal error. That is because vRO allows the individual steps within a workflow to link and pass information to one another. In other words, it acts as a pseudo-programming-language construct, complete with variable definitions, conditional logic (if-then-else), and loop mechanisms (while true, perform this operation again).

This is great when you want to create the same machine repeatedly, but once a virtualized application server has been provisioned through vRO, it needs to come under the domain and ownership of IT and operations, who must ensure that the data is backed up and that restore requests can be accommodated quickly and easily. This is where ECX comes into the picture.

ECX for Array-based Protection and Restore Automation

At Catalogic Software, we develop and market products focused on data protection and data management. Deployed as a software appliance, our ECX product specializes in managing copy data across storage array, virtualization, and database technologies.

ECX already speaks to a good portion of the technology customers have in their environments and understands the relationships in the technology stack. By simply registering the storage arrays, the hypervisor (or physical servers), and the applications that use that storage, companies can leverage ECX to protect and recover data from the application/OS stack down to the storage level.

Most users access ECX through a GUI served from a web portal. All the operations submitted by this GUI are based on a REST framework, which means the same operations can be performed by invoking the REST API directly through a REST client. This gives orchestration tools like vRO an integration point for sending commands.
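
For example, logging in from a REST client looks roughly like the sketch below. The session endpoint and header name follow the Endeavour-style convention ECX’s framework is based on, but treat both of them, and the /api/appserver resource, as assumptions to verify against your ECX version’s API documentation.

    import requests

    ECX = "https://ecx.example.com:8443"

    # Log in exactly the way the GUI does under the covers.
    resp = requests.post(f"{ECX}/api/endeavour/session",
                         auth=("admin", "password"), verify=False)
    resp.raise_for_status()
    session_id = resp.json()["sessionid"]

    # Every subsequent call carries the session ID in a request header.
    headers = {"X-Endeavour-Sessionid": session_id}
    apps = requests.get(f"{ECX}/api/appserver", headers=headers, verify=False)
    print(apps.json())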

vRO and ECX Together: One Plus One Equals More Than Two

Now that you have some high-level background on orchestration through vRO and on ECX, let’s examine how one Fortune 50 company is using the two together to build out its data center. The goal is simple: as little human involvement as possible. Every time a new server gets deployed, the request comes through a web portal, which is probably the only time in the entire process that a human provides input.

Let’s go back to the workflow diagram mentioned above and break it down into just the steps in which ECX is involved. Within the workflow, you’ll see the following:

Once the machine is provisioned, it is immediately registered to a protection policy in ECX, where snapshot copies of the database and log files (to provide point-in-time restore) are taken on a regular basis, directly on the storage where the data resides, for as long as that database server remains in commission. In this case the storage is NetApp, but ECX also supports Pure Storage FlashArray and multiple arrays from IBM.

ECX makes this a breeze by providing the services to automatically:

  • Discover the application (e.g. SQL Server, Oracle)
  • Determine the storage LUN(s) on which it resides
  • Create a consistency group of all the storage volumes on which the application resides
  • Finally, snapshot and replicate those copies where they are required, with timing and retention based on pre-configured policies

Let’s see what this workflow would look like. Like most data protection applications, ECX requires a login to establish a valid session for creating and interacting with the objects in the catalog.

So one of the subtasks, registering our application server, might look like this:

Figure 2 Subtask operations contained within “Register Application Server to ECX”

The “Login” process provides us with a session ID. Once created, the session ID is the building block that other tasks invoke from an ECX perspective. Looking at the process end-to-end, we can see that we are able to interact with the application server through ECX from a single session ID.

Represented in vRO, such a workflow might look like this:

Figure 3 An example schema created in vRO showing the logical steps and operations that are run in each workflow

Within the workflow, whose steps can be clearly labeled to show what is occurring in each one, you can see that after the application server is registered, it is tested and an inventory process is run against it to confirm that ECX can communicate with the server and has added it to a protection policy.

By using vRO, a DevOps developer can create a graphical representation of the workflow, which may itself be pieced together from other workflows, each broken down into a series of subtasks.

Extending this out to an even bigger picture, a vRO schema for deploying an application server may look something like the one below. Each step in the workflow is highlighted as the workflow executes, to show what it is currently working on. The workflow depicted just above is a component step of the workflow depicted below.

Figure 4 vRO acts very much like a programming language and allows for conditional logic (if-then-else). Variables can be passed between workflows through input and output variables known as bindings in vRO. In this example, once a login occurs and a sessionID has been obtained, this string variable is passed between all the other components of the workflow, allowing vRO to interact with ECX.

Let’s analyze the above workflow to determine exactly what it is doing. This workflow, titled Register Application Server, attempts to determine the name of the application server just deployed and stores it in a global variable that can then be used in ECX.

It captures the session ID through a login operation and stores it in another global variable scoped to this workflow run. The session ID gets passed to other queries made against the ECX catalog, such as determining the vCenter server and siteID to which this application will be registered. Once all those variable bindings have been captured, the user has all the arguments necessary to create the object via a single API call, with a request payload detailing the required parameters in JSON format.
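
Assembled into that single call, the registration step might look like the following sketch. Every field name in the payload is illustrative rather than ECX’s actual schema; the real parameters come from ECX’s API documentation.

    import requests

    ECX = "https://ecx.example.com:8443"
    headers = {"X-Endeavour-Sessionid": "<session ID from the Login step>"}

    # The variable bindings captured earlier become one JSON payload.
    payload = {
        "name": "appsrv0042.example.com",  # server name found by the workflow
        "vcenter": "vc01.example.com",     # vCenter returned by a catalog query
        "siteId": "1000",                  # siteID returned by a catalog query
        "comment": "Deployed and registered via vRO automation",
    }

    resp = requests.post(f"{ECX}/api/appserver", headers=headers,
                         json=payload, verify=False)
    resp.raise_for_status()
    print("Registered application server:", resp.json().get("id"))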

The screenshot below shows, in the ECX GUI, the application server object that was just created and registered through the automation. The object’s comment field notes that this application server was deployed and added to an SLA policy via automation.

Figure 5 Deployed application servers can be differentiated from other servers using the comment field in the request header when making the REST API call. Hundreds of thousands of application servers can be deployed by ending the server name string with a digit that can be incremented as new application servers get deployed.

While registering an application server in ECX takes only about five clicks, registering tens of thousands of application servers by hand would be downright tedious and error-prone, and that doesn’t even account for the application servers newly created every time a new database is deployed in the environment. Automation greatly simplifies tasks at scale.

Summary

Through orchestration tools like vRealize Orchestrator, one can take a simple task and build upon it to create a more complex (and more valuable) task designed to reduce the human intervention required for repeated work.

Having software tools that can easily plug into DevOps requirements should be a top-of-mind consideration after evaluating functionality. By building on a REST framework and publishing the API requirements, ECX lets organizations extend their existing automation capabilities into the data protection space.

Hopefully by now you see the benefit of evaluating tools and software not just on their capabilities but also on their ability to play nicely with other platforms and services. Ultimately, your choice of software tools will boil down to whether they perform the functions you require. However, evaluating how a tool can interact and plug into the orchestration and DevOps tools you have today will certainly make a difference in your choice.

08/14/2019

How and Why vProtect Displaced Bacula for Protecting Red Hat Virtualization / oVirt

After years of almost exponential growth, with many businesses virtualizing over 80% of their workloads, the virtualization industry has hit a tipping point. Now more than ever, organizations are questioning the value proposition of the “Big Two,” VMware and Hyper-V, and looking at alternative hypervisors. And this means looking at backup ecosystem alternatives as well.

This doesn’t mean that organizations aren’t continuing to invest in virtualization. The hypervisor market continues to grow at a solid rate. What it means is that the market is seeing a shift in how organizations are virtualizing their infrastructure.

Over the last ten years, the Big Two have dominated the market. But as organizations continue to virtualize more and more of their workloads, the rising cost of the Big Two has become too much for many companies to handle. In the wake of this, we are seeing the creation and growth of alternative open-source or niche hypervisors like Red Hat Virtualization, Citrix Hypervisor, Oracle VM, etc.

The issue organizations are dealing with is the following: we cannot afford to continue to expand the VMware or Hyper-V environment, but it’s hard to trust these new, open-source hypervisors, especially when our existing backup solution is unable to protect the virtual machines.

That is where vProtect comes in. vProtect is a modern, enterprise-level backup solution designed specifically to protect these open VM environments, with support for Nutanix Acropolis, Citrix Hypervisor (XenServer), Red Hat Virtualization, KVM, and many more. vProtect enables agentless VM-level protection and can function as a standalone solution or integrate with your existing enterprise backup software.

As you can imagine, with the open-source hypervisor market beginning to expand, vProtect is not the only solution on the market for these types of environments. Another such product is Bacula. Bacula, like vProtect, focuses on the niche market of open-source hypervisors, and its website claims it offers “the most advanced backup and recovery for RedHat Virtualization on the planet.” Is this really the case? How does Bacula compare to vProtect in the RHEV/oVirt (Red Hat Virtualization) space? And how does it measure up in its support for all the other open-source hypervisor options out there? Does it support containers? How about AWS EC2 machines? Does it support cloud offload?

According to end users we have been in touch with, Bacula is, for the most part, successful in protecting the VMs. It does what it says it does. However, some complain about backup speeds and about flexibility in how VM data can be transferred. Bacula really offers only one transport method: image-based transfers.

vProtect, on the other hand, offers multiple backup methods:

  • Image-based transfers
  • Disk attachment method
  • Changed block tracking for incremental backups
  • A new transfer method that moves VM data via SSH

These options allow end-users more flexibility when it comes to architecture and networking.

Another specific complaint, heard directly from a Fortune 100 organization that is one of the largest technology companies in the world (a former Bacula user that has since purchased vProtect), is that for oVirt users, Bacula’s integration requires the oVirt image-io proxy, which becomes a bottleneck when running simultaneous backup jobs. This prevented the company from running more than a couple of backup jobs at the same time. With vProtect, using the disk-attachment method to transfer VM data, this customer has cut backup and recovery times in half.

Another area where vProtect is impressing former Bacula users is its modern, easy-to-use web UI. According to several end users, Bacula’s UI is cumbersome and far from intuitive. We like to say a user interface is like a joke – if you have to explain it, it’s not a good one. Because of this, most Bacula admins perform their tasks from the Linux command line, which can be daunting for someone who is not comfortable with Linux or knowledgeable about Bacula’s infrastructure.

There also appears to be a steep learning curve for configuration and administration, which may be difficult to overcome if, for example, your Bacula admin leaves the company or is simply on vacation. The UI for vProtect, by contrast, is intuitive and clean. Most of our customers request a license, then install, configure, and run the product without any assistance from us. It’s that easy.

Finally, vProtect has the advantage in the wide range of virtual environments and backup destinations it supports. According to its website, among open VM environments Bacula supports Red Hat, KVM, and Proxmox. vProtect supports each of these hypervisors plus several others, including Nutanix AHV, Oracle VM, Xen, Citrix Hypervisor (XenServer), OpenStack, and Amazon Web Services, as well as Kubernetes and OpenShift containers.

vProtect also offers multiple options for backup destinations, including local file systems or NFS, existing NAS devices, Data Domain appliances, cloud locations, and more. Most importantly, vProtect can integrate directly with a customer’s existing enterprise backup solution, such as IBM Spectrum Protect, Dell EMC NetWorker, Catalogic Software vStor, or Veritas NetBackup.

In conclusion, don’t get stuck spending incredible amounts of money on your VMware or Hyper-V environment just because you don’t know there are other viable options out there. Many organizations, including large enterprises, are deciding to switch to alternative, open-source virtualization platforms and turning to products like vProtect to make sure their data is protected. Check out the Open Virtualization Pro blog for loads of information on open hypervisors.

If you would like to learn more about vProtect, you can request a live demo or even get a 30-day trial copy to try it for yourself. We’ll be happy to help you set things up.

We also have a pre-recorded demo available on our website if you would like to see the product in action.

08/05/2019
