Nutanix Solution Note
Data Protection and Disaster Recovery
Version 1.0
April 2015
Copyright 2015 Nutanix, Inc.
All rights reserved. This product is protected by U.S. and
international copyright and intellectual property laws.
Nutanix is a trademark of Nutanix, Inc. in the United States and/or
other jurisdictions. All other marks and names mentioned herein
may be trademarks of their respective companies.
1. Nutanix Virtual Computing Platform
2. Backup
   Unlimited VM-centric Snapshots
   Hybrid Cloud Deployments with Cloud Connect
3. Disaster Recovery
   Remote Replication
   Metro Availability
4. Ecosystem Integration
   A RESTful Future
5. Conclusion
1. Nutanix Virtual Computing Platform
This Solution Note discusses the data protection and disaster recovery functionality in the Nutanix Virtual
Computing Platform. We also recommend reading the Nutanix Tech Note on Infrastructure resilience to learn
more about the resiliency features of the Virtual Computing Platform, including how hardware and software
failures are handled.
The Nutanix distributed software architecture runs a virtual storage controller (Controller VM or CVM) on each
Nutanix node or host on the Virtual Computing Platform, forming a distributed system. All nodes actively work
together to aggregate storage resources into a single global pool that can be leveraged by all. The storage
resources are managed by the Nutanix Distributed File System (NDFS) to ensure that data and system integrity is
preserved in the event of node, disk or application or hypervisor software failure. NDFS also delivers data
protection and high availability functionality that keeps critical data and VMs protected and applications running.
Figure 1: Nutanix solution for data protection and disaster recovery covers all aspects of availability
2. Backup
Unlimited VM-centric Snapshots
The foundation of the Nutanix data protection functionality is the concept of a VM-centric snapshot. To
understand the advantage of Nutanix snapshot functionality, it is important to understand the different types of
snapshots available today.
A snapshot is an evolution of the traditional backup process. It is created when the storage system creates a full or
virtual copy of the metadata or the index of the stored data. This is different from traditional backup solutions,
which create separate copies of the stored data. Because snapshots only need to copy the metadata or index at the
time they are taken, they can be near instantaneous, have little performance impact and require little incremental
space. IT organizations can take snapshot-based backups more frequently and improve recovery point objective.
Backup vendors and analysts have acknowledged the shift to snapshots as a viable option for backup and
recovery.
However, it is important to note that not all snapshot implementations are created equal. Each of the
implementations has different storage requirements and poses different restrictions on its use. The preferred
implementation of snapshot is redirect-on-write (ROW). In this method, any updates to existing protected data are
redirected to a new location. None of the existing data in snapshots needs to be copied or moved. As a result,
ROW snapshots do not suffer the performance impact of the alternative copy-on-write snapshot implementations.
The performance impact for copy-on-write snapshots limits their applicability for primary data.
Another consideration when implementing snapshots is the granularity of data that can be protected. This
determines the space overhead of the snapshots taken. Smaller block sizes result in increased sharing of data
between snapshots and greater space efficiency. With large blocks, a change to a small portion of a block would
create a full new block with mostly duplicate data, causing the snapshot size to be much larger than the amount of
data changed.
The last aspect that needs to be considered for snapshot design is the unit of data that can be protected and
restored by the storage system. Traditional storage deployments typically operate at the storage object or
volume/LUN level with little to no understanding of what is stored in those containers. In a virtualized
environment, this results in a simultaneous snapshot of tens-to-hundreds of VMs, each with varying change rates.
Consequently, it puts the burden on the administrators to map the different VMs to the storage objects such as
LUNs or volumes. This results in additional steps and greater system complexity, especially when recovering
individual VMs. In the traditional approach, snapshot schedules can only be set at a LUN or a volume level,
leading to practices such as creating one LUN per VM as a workaround in order to create individualized snapshot
VM schedules.
An alternative to this method is taking a VM-centric approach to storage and data protection. In this scenario,
storage understands and operates at the virtual disk or VM-level. So snapshots are taken at the VM-level and
administrators can set schedules and retention periods at the VM-level to meet service levels. Recovery is simple
as administrators can restore individual VMs without dealing with the underlying storage objects.
This brings us to the snapshot implementation on the Virtual Computing Platform. Nutanix OS implements
redirect-on-write, VM-granular snapshots. When a snapshot of a VM is initially taken on the Nutanix Virtual
Computing Platform, the system creates a read only zero-space clone of the metadata (i.e. index to data) and
makes the underlying VM data immutable or read only; no VM data or virtual disks are actually copied or moved.
The system creates a read only copy of the VM that can be accessed similar to its active counterpart. Nutanix
snapshots take only a few seconds to create, eliminating application and VM backup windows.
After a snapshot is taken and as the VM continues to run, any updates to existing data and new writes are
redirected. The original data in the snapshot remains unchanged and the unchanged data is shared across the
snapshots and active VM. The Virtual Computing Platform handles this transparently so there is no change to
how applications and the virtualization stack access the VM.
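
A toy model of the two snapshot methods described above, added here as an illustration and not Nutanix code: it shows that a redirect-on-write snapshot copies only the index and that later writes cost one data I/O, while copy-on-write pays extra I/O on the first overwrite of each protected block. The class names `RowVolume` and `CowVolume`, the `demo` helper and the I/O accounting are assumptions made for the example.

```python
# Toy model (constructed for illustration, not Nutanix code).
# RowVolume, CowVolume and demo are hypothetical names.

class RowVolume:
    """Redirect-on-write: new data goes to a new location, old data is never touched."""
    def __init__(self, blocks):
        self.store = []      # physical locations, append-only
        self.active = {}     # metadata: logical block -> physical location
        self.snapshots = {}  # name -> frozen copy of the metadata
        self.data_ios = 0    # data-block reads and writes
        for lbn, data in enumerate(blocks):
            self.write(lbn, data)
        self.data_ios = 0    # do not count the initial load

    def snapshot(self, name):
        self.snapshots[name] = dict(self.active)  # index copy only, no data I/O

    def write(self, lbn, data):
        self.store.append(data)                   # redirect to a fresh location
        self.active[lbn] = len(self.store) - 1
        self.data_ios += 1

    def read(self, lbn, snapshot=None):
        index = self.snapshots[snapshot] if snapshot else self.active
        return self.store[index[lbn]]

    def restore(self, name):
        self.active = dict(self.snapshots[name])  # recovery is also metadata-only

    def shared_with(self, name):
        # Logical blocks the active VM still shares with the snapshot.
        snap = self.snapshots[name]
        return [lbn for lbn in snap if self.active.get(lbn) == snap[lbn]]


class CowVolume:
    """Copy-on-write: data is overwritten in place, so the old block is copied out first."""
    def __init__(self, blocks):
        self.active = list(blocks)
        self.snapshots = {}  # name -> {logical block: preserved old data}
        self.data_ios = 0

    def snapshot(self, name):
        self.snapshots[name] = {}

    def write(self, lbn, data):
        for saved in self.snapshots.values():
            if lbn not in saved:                  # first overwrite since the snapshot
                saved[lbn] = self.active[lbn]     # read old block, write it aside
                self.data_ios += 2
        self.active[lbn] = data
        self.data_ios += 1

    def read(self, lbn, snapshot=None):
        if snapshot and lbn in self.snapshots[snapshot]:
            return self.snapshots[snapshot][lbn]
        return self.active[lbn]


def demo():
    blocks = [b"A0", b"B0", b"C0", b"D0"]         # constructed sample data
    row, cow = RowVolume(blocks), CowVolume(blocks)
    for vol in (row, cow):
        vol.snapshot("s1")
        vol.write(1, b"B1")
        vol.write(1, b"B2")
        vol.write(3, b"D1")
    return row, cow
```

Both volumes return the same data for the active VM and for snapshot `s1`; the difference is the `data_ios` counter after the same three writes.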
From an efficiency standpoint, Nutanix snapshots can be taken with byte-level resolution. This byte-incremental
implementation means that only the changed data is captured between successive snapshots. For even greater
efficiency, all the data stored on the Virtual Computing Platform including the snapshot can be compressed and
deduplicated. Even though individual deployment savings will vary with the specific workloads, average
deployments depending on the workload have seen anywhere from 25% to 75% reduction in the amount of space
needed.
Figure 2: Nutanix snapshots are more efficient with byte-level granularity (figure label: Nutanix snapshots have byte-level resolution)
The VM-granular snapshots can be set to be either crash consistent or VM-consistent and can be scheduled on an
hourly, daily, weekly or monthly basis depending on the Recovery Point Objectives (RPO) and retention needs.
The choice between taking crash-consistent or VM-consistent snapshots should be based on recovery needs.
Crash consistent snapshots are instantaneous and are sufficient for workloads able to recover from operating
system (OS) or VM crashes. Stateless applications such as web-servers are best protected through crash consistent
snapshots. The alternative VM-consistent snapshots take advantage of host framework and services such as
Microsoft Volume Shadow Copy Service (VSS) to quiesce the VM and supported applications, rendering them
into a known or consistent state. In the case of VMware running Microsoft Windows guests, VSS support is
provided with VMware tools running in the guest OS. Using deep integration between Nutanix Virtual
Computing Platform and VMware vSphere, the VMware tools are called to quiesce the OS and supported
applications such as Microsoft Exchange and SQL Server before the Virtual Computing Platform takes a
VM-consistent snapshot of the VM.
Additionally, multiple VMs can be grouped together in a Nutanix protection domain enabling them to be operated
upon as a single entity with the same RPO. This is useful when trying to protect complex applications such as
Microsoft SQL Server-based applications or Microsoft Exchange. The main advantage of using a protection
domain approach of grouping VMs versus the traditional SAN approach of consolidating different VMs on to a
single LUN is VM portability. VMs can be moved between different protection domains on a Nutanix Virtual
Computing Platform without the need for any data to be moved or copied. For traditional SANs, changing a VM’s
SLA will most likely require migrating the VM to another LUN or volume.
Because of the unique NDFS design leveraging a shared nothing distributed approach to metadata, there is no
upper limit to the number of snapshots that can be taken with the Nutanix Virtual Computing Platform. This
scalable approach eliminates the need for separate storage systems for backup and long term archiving, as the
VM snapshots are stored across the entire cluster that makes up Nutanix Virtual Computing Platform.
Keeping Data Optimized
Nutanix Virtual Computing Platform runs a distributed data management service in the background. The
MapReduce-based service called Curator is responsible for executing tasks such as metadata optimization,
garbage collection of deleted VMs, data reduction, tiering, consistency checking, and rebalancing to optimize
data across nodes and flash/disks with minimal impact to performance.
Nutanix snapshot technology forms the basis of a unique set of functionality and ecosystem for high availability
and disaster-recovery. The first feature that builds on the Nutanix snapshot capability is VM-granular cloning.
Cloning can be used for a variety of reasons including deployment and recovery. Integration with the
virtualization stack with functionality such as VMware vStorage APIs for Array Integration (VAAI) and VMware
View Composer API for Array Integration (VCAI) enables administrators to simplify VM deployment using
integrated cloning. For the purpose of this document, the discussion will focus on recovering VMs.
The Virtual Computing Platform enables user-driven recovery of individual VMs from snapshots. This is done by
either replacing the existing active VM with the snapshot copy or by creating a separate clone of a snapshot
preserving the active VM. Depending on the snapshot settings, the recovered VM will either be crash-consistent or
VM-consistent upon recovery.
If needed, administrators can create a clone of a Nutanix VM-granular snapshot for the purpose of recovering a
single file without taking up additional space. Compared to a traditional LUN/volume based approach, a
VM-granular snapshot approach eliminates the need for first recovering the storage object (LUN/volume) and then
identifying and mounting the VM, and recovering the file.
Hybrid Cloud Deployments with Cloud Connect
With Nutanix Cloud Connect, customers can now leverage public cloud services as a destination and seamlessly
back up and recover their virtual machines as if the cloud were another site that they own. It reuses all the
existing concepts discussed earlier and extends them to the public cloud. Depending on the workload and the
associated SLAs, customers can tune the backup schedule and retention periods. All the management happens
centrally from within Nutanix Prism.
A single management console is used for managing storage, compute, backup and DR. From within Nutanix
Prism, administrators can set up Cloud Connect, back up workloads to public cloud or a remote site, look through
protected items, perform quick recovery, and change protection schedules. When using a VPC to connect to
public cloud, all of the nodes participate in replication, so it does not impact the running workloads.
Data that is sent across the WAN can be compressed and the granularity of what is sent is at the byte level. If
32KB of data is changed Nutanix will send 32KB of data. If only 4KB of data has changed then only 4KB of data
is sent.
Figure 3: Cloud Connect leverages public cloud resources worldwide
3. Disaster Recovery
Remote Replication
Nutanix VM-granular snapshots also make it possible to efficiently replicate individual virtual machines from a
primary Virtual Computing Platform to one or more secondary Nutanix clusters across different sites. By
supporting a fan-out and fan-in or multi-way model for replication, the Virtual Computing Platform can create
a flexible multi-master virtualization environment for backup and disaster recovery. Deployments supporting
numerous remote and branch offices can benefit from a flexible deployment model.
Figure 4: Multi-way protection domains make DR flexible
Since the software-defined replication functionality builds on VM-granular snapshots, policies for replication are
also set at the individual protection domain level rather than working at the LUN/volume level. Only byte-level
changes between snapshots of individual VMs are sent over the network to the remote cluster. NDFS also enables
a host other than the one serving IO on the active virtual disk in the cluster to do the work of calculating
the changed blocks, eliminating performance bottlenecks for critical VMs and their corresponding hosts. So all
nodes in the cluster participate in replication.
Figure 5: Eliminate bottlenecks by using all cluster resources for replication (panels: Host-based or storage based replication; VM-granular Replication with Nutanix)
To make the most out of WAN connectivity, the data can be deduplicated and compressed before it is sent across
the WAN. First, the fingerprints of changed blocks for individual VMs are sent from the primary system to the
different destinations. The destination systems report back with the unique blocks they need to create the
destination, and the primary system then sends those blocks. Deduplicating data sent to remote sites can effectively cut
the bandwidth required by as much as 75% versus host-based full-copy backup solutions.
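
The fingerprint exchange described above, sketched as an added example that is not Nutanix code. It assumes SHA-256 as the fingerprint and a 4 KB block size, neither of which is stated in this note; `Destination`, `replicate` and `fingerprint` are hypothetical names. The destination recomputes each fingerprint on receipt, so a block altered in transit is rejected rather than stored.

```python
import hashlib

BLOCK = 4096  # assumed block size for the example


def fingerprint(block: bytes) -> str:
    # Assumption: SHA-256; the note does not name the fingerprint function.
    return hashlib.sha256(block).hexdigest()


class Destination:
    """Remote cluster holding a content-addressed block store."""
    def __init__(self):
        self.blocks = {}  # fingerprint -> block data
        self.vdisks = {}  # VM name -> ordered list of fingerprints

    def missing(self, fps):
        # Step 2: report which offered fingerprints are not already held.
        return sorted({fp for fp in fps if fp not in self.blocks})

    def receive(self, vm, fps, payload):
        # Step 3: verify every block against its fingerprint before storing any.
        for fp, data in payload.items():
            if fingerprint(data) != fp:
                raise ValueError(f"block does not match fingerprint {fp[:12]}")
        unresolved = [fp for fp in fps if fp not in self.blocks and fp not in payload]
        if unresolved:
            raise ValueError(f"{len(unresolved)} referenced blocks were never sent")
        self.blocks.update(payload)
        self.vdisks[vm] = list(fps)


def replicate(vm, changed_blocks, dest):
    """Run one replication round; return (bytes sent, bytes changed)."""
    fps = [fingerprint(b) for b in changed_blocks]   # step 1: fingerprints only
    by_fp = dict(zip(fps, changed_blocks))
    wanted = dest.missing(fps)                       # step 2: destination's answer
    payload = {fp: by_fp[fp] for fp in wanted}       # step 3: unique blocks only
    dest.receive(vm, fps, payload)
    sent = sum(len(b) for b in payload.values())
    return sent, sum(len(b) for b in changed_blocks)


if __name__ == "__main__":
    # Constructed sample data: two VMs that share two OS blocks.
    os1, os2, app1, app2 = (bytes([i]) * BLOCK for i in range(4))
    remote = Destination()
    print(replicate("vm1", [os1, os2, app1], remote))
    print(replicate("vm2", [os1, os2, app2], remote))
```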
Nutanix VM-granular replication makes it possible to create an affordable disaster recovery solution. The
converged compute and storage approach used by Virtual Computing Platform along with the VM-centric
approach to replication makes creating a disaster recovery solution very simple. Using the protection domain
concept, the groups of related VMs can be replicated together and those VMs can be brought up on the secondary
site with a single command in case the primary site is down. Because the workloads are virtualized and replication
is not hardware dependent, the secondary site can have different cluster sizes and configurations from the
primary site’s clusters. This is especially useful for deployments with multiple remote sites using a centralized
backup and disaster recovery strategy.
Metro Availability
Metro Availability synchronously replicates data to another site, ensuring that a real-time copy of data exists at a
different location. In the event of a disaster or planned maintenance, virtual machines (VMs) can fail over from a
primary site to a secondary site, guaranteeing near 100% uptime for applications.
Metro Availability is a continuous availability solution that provides a global file system namespace across a
“stretched” container between Nutanix clusters. The stretched container is supported by synchronous storage
replication across independent Nutanix clusters across different sites. Synchronous replication is enabled at the
container level, and all virtual machines and files stored within that container are replicated synchronously to
another Nutanix cluster.
Containers have two primary roles while enabled for Metro Availability, Active and Standby. Active containers
replicate data synchronously to Standby containers. The active and standby containers will be mounted to their
respective Hypervisor hosts using the same datastore name, which effectively spans the datastore across both
clusters and sites. With a stretched datastore across both Nutanix clusters, a single Hypervisor cluster can be
created and common clustering features, like VMware vMotion and VMware High Availability, can be used to
manage the environment.
Metro Availability is supported in conjunction with existing Nutanix data management features including
compression, deduplication and tiering. Metro Availability also allows compression to be enabled for the
synchronous replication traffic between the Nutanix clusters. The compression of replication traffic is enabled
when creating the remote site configuration and will help reduce the total bandwidth required to maintain the
synchronous relationship.
With Metro Availability, hypervisor related high availability or clustering technologies typically used within
datacenters can now be leveraged across datacenters. This type of configuration is commonly referred to as a
stretched cluster and helps to minimize downtime during unplanned outages. Metro Availability also supports the
migration of virtual machines across sites using technologies such as vMotion. This enables zero downtime while
transitioning workloads between datacenters.
Setup and management is simple, intuitive and done from within the Prism UI. It can also be automated using
REST APIs in larger environments. The simplicity and ease of management is unparalleled and for the first time
enterprises will have a modern consumer-grade management experience when it comes to disaster recovery and
high availability.
Figure 6: Nutanix Metro Availability delivers zero RPO
4. Ecosystem Integration
Nutanix integrates with popular offload capabilities, including VMware API for Array Integration (VAAI) and
Microsoft Offloaded Data Transfer (ODX), to create clones in a matter of seconds with minimal overhead.
Additionally, with support for vStorage API for Data Protection (VADP) and application-level consistent
snapshots by leveraging Volume Shadow Copy Service (VSS), Nutanix backup and DR capabilities fully integrate
with third-party tools, such as Symantec NetBackup, Commvault Simpana, and Veeam.
5. A RESTful Future
Nutanix Virtual Computing Platform provides an exhaustive list of REST APIs, accessed through the Nutanix
Prism management framework, for various functions, including data protection and disaster recovery. These
APIs can be explored through the Nutanix Prism API explorer. The REST APIs are the foundation for the Nutanix
Prism management interface and for failover run book automation.
Figure 7: Nutanix Prism APIs and PowerShell commandlets enable runbook automation for failover
Nutanix Prism APIs and PowerShell commandlets can also be used to automate workflows using snapshots and
replication for backup and disaster recovery through scripting languages or workflow engines. The Prism APIs are
also used to create an automated run book for failover, automatically registering the VMs at the DR site in VMware
vCenter and powering them on. For example, a custom script created using the Prism APIs can trigger a
Virtual Computing Platform to take and replicate a snapshot of the group of critical VMs making up an
order-entry system, based on the number of transactions being executed.
6. Conclusion
Most enterprise workloads are either unprotected or under-protected. Significant budget requirements and
deployment complexities have prohibited enterprises from protecting their applications, resulting in downtime
during software and hardware glitches and user errors. With the increasing use of virtualization for critical
workloads, it is no longer optional to deploy data protection and disaster recovery. With VM-granular snapshots
and recovery, use of policy-based protection domains, VM-granular site-to-site replications, Metro Availability,
and centralized management using Prism, Nutanix Virtual Computing Platform provides the functionality to
back up critical data, protect applications, and survive disasters efficiently without specialized skill or investment.
Figure 8: Keep applications protected and available with Nutanix