Back up and restore Hyper-V virtual machines

 

Updated: May 13, 2016

Applies To: System Center 2012 SP1 - Data Protection Manager, System Center 2012 R2 Data Protection Manager

DPM can back up virtual machines running on Hyper-V host servers. For supported DPM and Hyper-V versions see the DPM protection support matrix.

DPM can protect the following Hyper-V virtual machine scenarios:

  • Host or guest-level—You can back up virtual machines at the host or guest level. At the host level the DPM protection agent is installed on the Hyper-V host server or cluster. At the guest level the agent is installed on each virtual machine. If you deploy host level back you’ll be able to recover an entire virtual machine, or perform item-level recovery to want to be able to back up and restore specific files, folder, volumes or hard disks. Guest-level back is useful if you want to protect specific workloads running on a virtual machine. For example if you specifically want to back up a SQL Server database running on the virtual machine. Note that you must use guest-level backup if you want to protect data stored on passthrough disks. Passthrough allow the virtual machine to directly access the storage device and don’t store virtual volume data in a VHD file.

  • Local or direct storage—Back up virtual machines hosted on Hyper-V standalone servers that have local or directly attached storage. For example a hard drive, a storage area network (SAN) device, or a network attached storage (NAS) device.

  • CSVs—Back up virtual machines hosted on a Hyper-V cluster with Cluster Shared Volume (CSV) storage. DPM 2012 SP1 introduced express full backup, parallel backups, and cluster query improvements for CSV backup. In a cluster configuration the DPM protection agent is installed on each cluster node.

  • SMB—Back up virtual machines hosted on a Hyper-V standalone server or cluster with SMB 3.0 file server storage. SMB shares are supported on a standalone file server or on a file server cluster. If you’re using an external SMB 3.0 file server the DPM protection agent should be installed on it. If the storage server is clustered, the agent should be installed on each cluster node. You’ll need full-share and folder-level permissions for the machine$ account of the application server on the SMB share.

  • Live migration—Back up virtual machines that are configured for live migration. This provides uninterrupted data protection so that you can move virtual machines from one location to another while the virtual machines sustain connections and with no noticeable drop time. Live migration can transfer virtual machines between two standalone servers, within a cluster or between stand-alone and cluster nodes. You can also perform a live migration of virtual machine storage so that virtual machines can be moved to new storage locations while they continue to run. Running multiple live migrations concurrently is supported.

    • Live migration within a cluster— When a virtual machine is migrated within a cluster, DPM detects the migration, and backs up the virtual machine from the new cluster node without any requirement for user intervention. Because the storage location has not changed, DPM continues with express full backups. In a scaled scenario with two DPM servers to protect the cluster, a virtual machine that is protected by DPM1 continues to be protected by DPM1, no matter where the virtual machine is migrated.

    • Live migration outside the cluster—When a virtual machine is migrated between stand-alone servers, different clusters, or between a stand-alone server and a cluster, DPM detects the migration, and can back up the virtual machine without user intervention.

    • Post-migration

  • Replica virtual machines—Back up replica virtual machines running on a secondary server (DPM 2012 R2 only)

Read about supported scenarios and Prerequisites for virtual machine protection.

All_Symbols_Cloud Did you know that Microsoft Azure provides similar functionality in the cloud? Learn more about Microsoft Azure virtualization solutions.

Create a hybrid virtualization solution in Microsoft Azure:
- Configure Azure Backup to prepare for back up of Windows Server
- Move VM’s between Hyper-V and Microsoft Azure
- Manage Azure VMs with Virtual Machine Manager in System Center 2012 R2 with Rollup 6

How DPM backs up virtual machines

DPM works seamlessly with the Hyper-V Volume Shadow Copy Services (VSS) writer to ensure that consistent versions of virtual machines are captured and protected without affecting virtual machine access. The ability to back up open files is critical for business continuity.

By default DPM performs online backups that don’t affect the availability of virtual machines. To perform an online backup the following is required:

  • The Backup integration service must be enabled, so the operating system running on the virtual machine running must support Hyper-V integration services.

  • The guest operating system must support VSS (Windows 2003 server or later). Online backup isn’t supported if virtual machines are running Linux.

  • There should be no dynamic disks on the virtual machine.

  • All volumes must be NTFS

  • The VSS storage assigment for the volumes shouldn’t be modified.

  • The virtual machine must be running, and if the virtual machine is in a cluster the cluster resource group should be online. A Shadow Storage assignment of a volume inside the virtual machine mustn’t be explicitly set to a different volume other than itself.

If these conditions aren’t met DPM will perform an offline backup where the virtual machine is paused and placed in a saved state while the snapshot is taken, and then the virtual machine is resumed. This means the virtual machine is unavailable during the backup, usually a short period of less than a minute for many environments.

Backup process

DPM performs backup with VSS as follows:

  1. The DPM block-based synchronization engine makes an initial copy of the protected virtual machine and ensures that the copy of the virtual machine is complete and consistent.

  2. After the initial copy is made and verified, DPM captures backups by using the Hyper-V VSS writer. The VSS writer provides a data-consistent set of disk blocks that are synchronized with the DPM server. This approach provides the benefit of a "full backup" with the DPM server while it minimizes the amount of backup data that have to be transferred across the network.

  3. The DPM protection agent on a server that is running Hyper-V uses the existing Hyper-V APIs to determine whether a protected virtual machine also supports VSS.

    • If a virtual machine complies with the requirements for online backup and has the Hyper-V integration services component installed, then the Hyper-V VSS writer recursively forwards the VSS request through to all VSS-aware processes on the virtual machine. This operation occurs without the DPM protection agent being installed on the virtual machine. This recursive VSS request allows the Hyper-V VSS writer to ensure that disk write operations are synchronized so that a VSS snapshot is captured without the loss of data.

      The Hyper-V integration services component invokes the Hyper-V VSS writer in Volume Shadow Copy Services (VSS) on virtual machines to ensure that their application data is in a consistent state.

    • If the virtual machine doesn’t comply with online backup requirements, DPM automatically uses the Hyper-V APIs to pause the virtual machine before they capture data files.

  4. After the initial baseline copy of the virtual machine synchronizes with the DPM server, all changes that are made to the virtual machine resources are captured in a new recovery point. The recovery point represents the consistent state of the virtual machine at a specific time. Recovery point captures can occur at least one time a day. When a new recovery point is created, DPM uses block-level replication in conjunction with the Hyper-V VSS writer to determine which blocks have been altered on the server that is running Hyper-V after the last recovery point was created. These data blocks are then transferred to the DPM server and are applied to the replica of the protected data.

  5. The DPM server uses VSS on the volumes that host recovery data so that multiple shadow copies are available. Each of these shadow copies provides a separate recovery. VSS recovery points are stored on the DPM server. The temporary copy that is made on the server that is running Hyper-V is only stored for the duration of the DPM synchronization.

Next steps

Read about Prerequisites for virtual machine protection.