Changes

From SME Server
Jump to navigationJump to search

Backup of ESXi Virtual Machines using Affa (view source)

Revision as of 21:04, 2 November 2013

2,771 bytes added ,  21:04, 2 November 2013
→‎Configure the DAG repository
Line 1: Line 1:  +
{{Level|Advanced}}
 +
 
=== Introduction ===
 
=== Introduction ===
As of version 2, Affa supports hot backing up virtual machines running on the VMWare ESXi server. It uses the VMware Infrastructure Perl Toolkit to communicate with the EXSi and rsync over ssh to transfer the data. Before the backup starts, the state of the running VM is freezed by creating a snapshot of all its disks. After the freezed virtual disk files were backed up, the snapshot is deleted and the config points to the just backed up disks again. Then, as a last step the config files are backed up.
     −
A restore of a VM can be done by simply copying back all archived files to the original location on the ESXi host. It is also possible to copy the files to a different directory (or to another ESXi server) and add the vmx file to the inventory.
+
[[Affa]] supports hot backing up virtual machines running on the VMWare ESXi server. It uses the VMware Infrastructure Perl Toolkit to communicate with the EXSi and rsync over ssh to transfer the data. Before the backup starts, the state of the running VM is freezed by creating a snapshot of all its disks. After the freezed virtual disk files were backed up, the snapshot is deleted and the config points to the just backed up disks again. Then, as a last step the config files are backed up.
 +
 
 +
A restore of a VM can be done by simply copying back all archived files to the original location on the ESXi host. It is also possible to copy the files to a different directory (or to another ESXi server) and add the vmx file to the inventory. Alternatively with SambaShare=yes the VMWare Converter tool can be used.
 +
 
 +
 
 +
{{Note box|This document is applicable to ESX3i with an USB boot device. It will most likely not work with other type of boot devices}}
   −
{{Warning box|As Affa Version 2 is in a BETA state, errors in design and/or implementation cannot be completely eliminated. Therefore take precautions to avoid negative impacts to your system. In particular do not use it on production systems.}}
+
{{Warning box|This software comes 'as is' without any warranty.  Errors in design and/or implementation cannot be completely eliminated. Therefore take precautions to avoid negative impacts to your system.}}
    
=== Preparing the Affa Server ===
 
=== Preparing the Affa Server ===
==== Install the VMware Infrastructure (VI) Perl Toolkit ====
+
==== Affa Installation ====
Download the VI Perl Toolkit tarball from the VMWare web site: http://www.vmware.com/support/developer/viperltoolkit/
+
Install the Affa program as descibed here: [[Affa#Installation_or_Update]]
 +
 
 +
==== VMware Infrastructure (VI) Perl Toolkit Installation ====
 +
===== Configure the DAG repository =====
 +
You need to activate the [[Dag]] reposity before installing this contrib.<br />
 +
 
 +
see [[dag|dag repository]] <br />
 +
 
    
Login as root and run:
 
Login as root and run:
 
  /usr/bin/yum install openssl-devel
 
  /usr/bin/yum install openssl-devel
 
  /usr/bin/yum --enable=dag install perl-XML-SAX
 
  /usr/bin/yum --enable=dag install perl-XML-SAX
 +
 +
===== Install the VMware Infrastructure (VI) Perl Toolkit =====
 +
Download the VI Perl Toolkit tarball from the VMWare web site: http://www.vmware.com/support/developer/viperltoolkit/
 
  tar xzf VMware-VIPerl-1.6.0-104313.i386.tar.gz
 
  tar xzf VMware-VIPerl-1.6.0-104313.i386.tar.gz
 
  cd vmware-viperl-distrib
 
  cd vmware-viperl-distrib
 +
Edit the vmware-install.pl script and comment out these lines
 +
  4738 #      if ( -d '/proc/xen' ) {
 +
  4739 #        error('You cannot install ' .
 +
  4740 #              vmware_product_name() .
 +
  4741 #              ' on a system running a xen kernel.');
 +
  4742 #      }
 +
Run the script
 
  ./vmware-install.pl
 
  ./vmware-install.pl
 
Ignore this warning:
 
Ignore this warning:
Line 22: Line 45:  
XML::NamespaceSupport
 
XML::NamespaceSupport
   −
==== Update Affa ====
+
 
Update to the '''latest''' Affa 2.x beta version. Download the RPM from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2
  −
/usr/bin/yum localinstall smeserver-affa-2.*.noarch.rpm
      
=== Preparing the ESXi Host for use with Affa ===
 
=== Preparing the ESXi Host for use with Affa ===
To make the ESXi server ready to cooperate with Affa you must install the rsync program, enable the ssh service, configure passwordless ssh login and add a user for communication using the VMware Infrastructure (VI) Perl Toolkit.
+
To make the ESXi server ready to cooperate with Affa you must install the rsync program, enable the ssh service, configure passwordless ssh login and add a user for API communication using the VMware Infrastructure (VI) Perl Toolkit.
 
==== Adding an ESXi User with restricted Permissions ====
 
==== Adding an ESXi User with restricted Permissions ====
 
Run the Virtual Infrastructure Client and logon to the ESXi host.
 
Run the Virtual Infrastructure Client and logon to the ESXi host.
Line 44: Line 65:       −
==== Configuration of the SSH Service on the ESXi Host ====
+
==== Configuring SSH and RSYNC on the ESX3i Host ====
(''Note: ESXI uses Dropbear rather than OpenSSL Server)''
+
On ESXi the SSH service Dropbear is installed but disabled. To use rsync the SSH service must be enabled and the rsync program must be installed. To enable passwordless login a .ssh directory for storing the keys must be created.
 
  −
On the ESXi Server console hit Alt-F1 to get the service shell. Now blind-type the word ''unsupported'' to unlock the shell. Login with the root password.
  −
 
  −
Edit the '/etc/inetd.conf' using the vi editor. Remove the leading Hash ('#') from this line:
  −
#ssh     stream  tcp    nowait  root    /sbin/dropbearmulti    dropbear ++min=0,swap,group=shell -i
  −
Save the file.
  −
 
  −
Find the PID of the inetd process: (1302 in this example)
  −
ps | grep inetd
  −
 
  −
<tt>1302 1302 busybox              inetd</tt>
     −
Send HUP signal to force inetd to re-read the configuration
+
A script <tt>affa-setup.sh</tt> is provided that does this:
 +
* enable SSH service by configuring inetd.conf and restarting the inetd service
 +
* install rsync (statically linked binary)
 +
* create a /root home directory  with a .ssh sub directory to store the public keys for password-less login
 +
* link the .ssh directory to the non-volatile USB device
 +
* add a command to /etc/rc.local that executes all the steps above at boot time
   −
kill -HUP 1302
+
===== Download and install the script =====
 +
On the ESXi Server console hit Alt-F1 to get the service shell. Now blind-type the word '''unsupported''' to unlock the shell.
    +
Login with the root password.
   −
Now you can ssh logon. Please note, that a Dropbear bug causes an incorrect return status of the executed command. In most cases Dropbear returns -1 value, although the command was executed without errors.
+
[[Image:Affa_esxi_service_console.gif‎]]
   −
==== Install the rsync program on the ESXi host ====
+
Download the tarball. The tarball contains the rsync binary and the script.
Remote copy the rsync-static binary to the ESXi host into directory /usr/bin.
+
cd /bootbank
  scp rsync-static root@<ESXiIP>:/usr/bin/
+
  wget <nowiki>http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2/affa-esxi-setup-02.tgz</nowiki>
Create symbolic link to /usr/bin/rsync:
+
Verify the download
ln -fs /usr/bin/rsync-static /usr/bin/rsync
+
  wget <nowiki>http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2/affa-esxi-setup-02.tgz.md5sum</nowiki>
 +
  md5sum -c affa-esxi-setup-02.tgz.md5sum
 +
Unpack it
 +
tar xzf affa-esxi-setup-02.tgz
 +
rm affa-esxi-setup-02.tgz*
 +
and run the script
 +
./bexi/affa-setup.sh
   −
===== How to get the statically linked rsync binary =====
+
Now you can ssh login and use rsync.
You can either download a compiled binary from http://mirror.contribs.org/smeserver/contribs/michaelw/sme7/Affa2
  −
 
  −
'''or''' you can make it by yourself on a linux computer:
  −
 
  −
1. download the source from http://rsync.samba.org/
  −
 
  −
2. unpack the tarball
  −
tar xzf rsync-3.0.4.tar.gz
  −
cd rsync-3.0.4
  −
3. build the statically linked binary
  −
make CFLAGS="-static" EXEEXT="-static"
  −
strip rsync-static
  −
 
  −
==== Configuration of Public Key Login ====
  −
SSH logon to the ESXi host and create a new home directory for user root
  −
mkdir -p /root/.ssh
  −
chmod -R 700 /root
  −
 
  −
Edit /etc/passwd using the vi editor and carefully change the line
  −
 
  −
root:x:0:0:Administrator:/:/bin/ash
  −
 
  −
to
  −
 
  −
root:x:0:0:Administrator:/root:/bin/ash
  −
 
  −
Once you have configured the Affa ESXi job, run on the Affa server:
  −
affa --send-key <JOB>
      
=== Setting up an Affa job ===
 
=== Setting up an Affa job ===
The following assumes, that you are already familiar with configuring Affa and only focus on the ESXi specific parts.
+
The following assumes, that you are already familiar with configuring [[Affa]] and only focus on the ESXi specific parts.
    
Assume you want to backup the virtual machine named 'myvm' on ESXi server with IP 10.200.48.5.
 
Assume you want to backup the virtual machine named 'myvm' on ESXi server with IP 10.200.48.5.
   −
1. log into the 'affabox' and copy the config helper script
+
* log into the 'affabox' and copy the config helper script
 
  cp -a /usr/lib/affa/jobconfig-esxi-sample.pl /root/esxi-myvm-job.pl
 
  cp -a /usr/lib/affa/jobconfig-esxi-sample.pl /root/esxi-myvm-job.pl
2. edit /root/esxi-myvm-job.pl and set
+
* edit <tt>/root/esxi-myvm-job.pl</tt> and set
 
  my $jobname='esxi-myvm';
 
  my $jobname='esxi-myvm';
 
and
 
and
 
  'remoteHostName‘=>'10.200.48.5',
 
  'remoteHostName‘=>'10.200.48.5',
3. set the VM name
+
* tell Affa that this job backups a ESXi virtual machine
 +
'ESXi' => 'yes',
 +
* set the VM name
 
  'ESXiVMName' => 'myvm',
 
  'ESXiVMName' => 'myvm',
4. set the username and password (this is the ESXi User with restricted Permissions created above)
+
* set the username and password (this is the ESXi User with restricted permissions created above)
 
  'ESXiUsername' => 'affa',
 
  'ESXiUsername' => 'affa',
 
  'ESXiPassword' => 'secret',
 
  'ESXiPassword' => 'secret',
5. save, then run it
+
* configure virtual disk files to be compressed and chunked
 +
'chunkFiles' => '*.vmdk',
 +
* save the script, then run it
 
  /root/esxi-myvm-job.pl
 
  /root/esxi-myvm-job.pl
6. send the public key
+
* send the public key
 
  affa --send-key esxi-myvm
 
  affa --send-key esxi-myvm
7. run the job manually
+
* run the job manually
 
  affa --run esxi-myvm
 
  affa --run esxi-myvm
   Line 127: Line 126:  
[[Image:Affa_esxi_viclient_tasks.gif]]
 
[[Image:Affa_esxi_viclient_tasks.gif]]
   −
The name of snapshot the snaphot starts with "BEXI-". Do not delete it or revert to it while Affa is running.
+
The name of the snaphot starts with "BEXI-". Do not delete it or revert to it while Affa is running.
 +
 
 +
=== Uninstall ===
 +
SSH login as root on the ESXi host and run these commands '''carefully''':
 +
grep -v "#BEXI" < /etc/rc.local >/etc/rc.local.affa; mv -f /etc/rc.local.affa /etc/rc.local
 +
sed -e 's#^\(root:.*\)\(:/root:\)\(.*\)#\1:/:\3#' < /etc/passwd > /etc/passwd.affa; mv -f /etc/passwd.affa /etc/passwd
 +
sed -e 's/^\(ssh.*\)/#\1/' < /etc/inetd.conf > /etc/inetd.conf.affa; mv -f /etc/inetd.conf.affa /etc/inetd.conf
 +
kill -HUP `ps | grep inetd | sed -e 's/ .*//'`
 +
rm -rf /bin/rsync /root /bootbank/bexi
 +
tar -C / -xzf /bootbank/environ.tgz sbin/dropbearmulti
 +
 
 +
=== Addtional Information ===
 +
 
 +
 
 +
 
 +
 
 +
===== How to update the ESXi System Image =====
 +
Shutdown the ESXi server. Remove the USB Memory stick and plug it into a linux computer.
 +
run the <tt>dmesg</tt> command to find out the device the memory stick is assigned to. The following example assumes that it is /dev/sdf. Replace is by the correct device.
 +
mkdir -p /mnt/esxi
 +
mount -t vfat /dev/sdf5 /mnt/esxi
 +
Save local.tgz and the bexi/ directory to the local machine
 +
cp -a /mnt/esxi/local.tgz /mnt/esxi/bexi .
 +
umount /mnt/esxi
 +
Download the ISO from the [http://www.vmware.com/download/esxi/ VMWare website] and extract the image.
 +
 
 +
mount -o loop VMware-VMvisor-InstallerCD*iso /mnt/esxi/
 +
mkdir -p /tmp/esxi
 +
tar -xvzf /mnt/esxi/install.tgz -C /tmp/esxi/
 +
umount /mnt/esxi
 +
cd /tmp/esxi/usr/lib/vmware/installer/
 +
bzip2 -d VMware-VMvisor-big*.dd.bz2
 +
Write the new image to the memory stick. Make sure that you use the correct target device of=...
 +
dd if=VMware-VMvisor-big-3.5.0_Update_3-123629.i386.dd of=/dev/sdf
 +
rm -rf /tmp/esxi
 +
Copy local.tgz and the bexi/ directory to the memory stick.
 +
mount -t vfat /dev/sdf5 /mnt/esxi
 +
cp -a local.tgz bexi /mnt/esxi
 +
umount /mnt/esxi
 +
Plug the memory stick into the ESXi server and power on.
 +
 
 +
Note: Alternatively you can install the new ESXi image on a second memory stick and then remote copy local.tgz and bexi/ from the running ESXi. Then shut down the ESXi server, replace the stick and power on. This minimizes the down time.
 +
 
 +
===== How to make a statically linked Rsync Binary =====
 +
''(This is just for information. A pre-build Rsync static is included in the affa-esxi-setup-*.tgz tarball)''
 +
* download the source from http://rsync.samba.org/
 +
* unpack the tarball
 +
tar xzf rsync-3.0.4.tar.gz
 +
cd rsync-3.0.4
 +
* build the statically linked binary
 +
make CFLAGS="-static" EXEEXT="-static"
 +
strip rsync-static
 +
 
 +
=== References ===
 +
Wiki article [[Affa]]
 +
 
 +
[[Category:Howto]]
 +
[[Category: Backup]]
 +
[[Category: Virtualisation]]
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/11411...22070"

Navigation menu