Backup of ESXi Virtual Machines using Affa

From SME Server
Revision as of 00:53, 2 November 2008 by Mweinber (talk | contribs) (New page: === Introduction === As of version 2, Affa supports hot backing up virtual machines running on the VMWare ESXi server. It uses the VMware Infrastructure Perl Toolkit to communicate with th...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Introduction

As of version 2, Affa supports hot backing up virtual machines running on the VMWare ESXi server. It uses the VMware Infrastructure Perl Toolkit to communicate with the EXSi and rsync over ssh to transfer the data. Before the backup starts, the state of the running VM is freezed by creating a snapshot of all its disks. After the freezed virtual disk files were backed up, the snapshot is deleted and the config points to the just backed up disks again. Then, as a last step the config files are backed up.

A restore of a VM can be done by simply copying back all archived files to the original location on the ESXi host. It is also possible to copy the files to a different directory (or to another ESXi server) and add the vmx file to the inventory.


Warning.png Warning:
As Affa Version 2 is in a BETA state, errors in design and/or implementation cannot be completely eliminated. Therefore take precautions to avoid negative impacts to your system. In particular do not use it on production systems.


Preparing the Affa Server

Install the VMware Infrastructure (VI) Perl Toolkit

Download the VI Perl Toolkit tarball from the VMWare web site: http://www.vmware.com/support/developer/viperltoolkit/

Login as root and run:

/usr/bin/yum install openssl-devel
/usr/bin/yum --enable=dag install perl-XML-SAX
tar xzf VMware-VIPerl-1.6.0-104313.i386.tar.gz
cd vmware-viperl-distrib
./vmware-install.pl

Ignore this warning: The following Perl modules were found on the system but may be too old to work with VIPerl: URI XML::NamespaceSupport

Update Affa

Update to Affa version 2. Download the RPM from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2

/usr/bin/yum localinstall smeserver-affa-2.*.noarch.rpm

Preparing the ESXi Host for use with Affa

To make the ESXi server ready to cooperate with Affa you must install the rsync program, enable the ssh service, configure passwordless ssh login and add a user for communication using the VMware Infrastructure (VI) Perl Toolkit.

Adding an ESXi User with restricted Permissions

Run the Virtual Infrastructure Client and logon to the ESXi host.

Adding Affa role

Switch to the Administration module and add a new role with permissions to create and delete snapshots

Affa add new esxi role.gif

Adding Affa user

Switch back to the Inventory module and add a new user with password:

Affa add new esxi user.gif

Assigning permissions

In the Permission Tab assign the new role to the new user.

Affa add new esxi permission.gif


Configuration of the SSH Service on the ESXi Host

(Note: ESXI uses Dropbear rather than OpenSSL Server)

On the ESXi Server console hit Alt-F1 to get the service shell. Now blind-type the word unsupported to unlock the shell. Login with the root password.

Edit the '/etc/inetd.conf' using the vi editor. Remove the leading Hash ('#') from this line:

#ssh     stream  tcp     nowait  root    /sbin/dropbearmulti     dropbear ++min=0,swap,group=shell -i

Save the file.

Find the PID of the inetd process: (1302 in this example)

ps | grep inetd

1302 1302 busybox inetd

Send HUP signal to force inetd to re-read the configuration

kill -HUP 1302


Now you can ssh logon. Please note, that a Dropbear bug causes an incorrect return status of the executed command. In most cases Dropbear returns -1 value, although the command was executed without errors.

Install the rsync program on the ESXi host

Remote copy the rsync-static binary to the ESXi host into directory /usr/bin.

scp rsync-static root@<ESXiIP>:/usr/bin/

Create symbolic link to /usr/bin/rsync:

ln -fs /usr/bin/rsync-static /usr/bin/rsync
How to get the statically linked rsync binary

You can either download a compiled binary from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2

or you can make it by yourself on a linux computer:

1. download the source from http://rsync.samba.org/

2. unpack the tarball

tar xzf rsync-3.0.4.tar.gz
cd rsync-3.0.4

3. build the statically linked binary

make CFLAGS="-static" EXEEXT="-static"
strip rsync-static

Configuration of Public Key Login

SSH logon to the ESXi host and create a new home directory for user root

mkdir -p /root/.ssh
chmod -R 700 /root 

Edit /etc/passwd using the vi editor and carefully change the line

root:x:0:0:Administrator:/:/bin/ash

to

root:x:0:0:Administrator:/root:/bin/ash

Once you have configured the Affa ESXi job, run on the Affa server:

affa --send-key <JOB>

Setting up an Affa job

The following assumes that you are already familiar with configuring Affa and only focus on the ESXi specific parts.

Assume you want to backup the virtual machine named 'myvm' on ESXi server with IP 10.200.48.5.

1. log into the 'affabox' and copy the config helper script

cp -a /usr/lib/affa/jobconfig-esxi-sample.pl /root/esxi-myvm-job.pl

2. edit /root/esxi-myvm-job.pl and set

my $jobname='esxi-myvm';

and

'remoteHostName‘=>'10.200.48.5',

3. set the VM name

'ESXiVMName' => 'myvm',

4. set the username and password (this is the ESXi User with restricted Permissions created above)

'ESXiUsername' => 'affa',
'ESXiPassword' => 'secret',

5. save, then run it

/root/esxi-myvm-job.pl

6. send the public key

affa --send-key esxi-myvm

7. run the job manually

affa --run esxi-myvm