Microsoft has been busy rebranding some of its major server offerings under the System Center suite, including Microsoft Operations Manager, now under the System Center Operations Manager moniker, and Systems Management Server (SMS), now known as System Center Configuration Manager (SCCM). System Center also includes several other powerful solutions for IT environments; in this article I’ll focus on a solution that addresses—and does so very well—the age-old problem of protecting your most valuable IT asset: data. The solution that does this for you is System Center Data Protection Manager (DPM) 2007.
DPM: What It Does
DPM 2007 is the second version of Microsoft’s data protection solution, and it’s come a long way in a very short amount of time to provide a comprehensive solution for your Microsoft environment. And that’s a key point: DPM isn’t all things to all people; it’s been developed to provide the best data protection for key Microsoft platforms and only those platforms—namely, Windows file shares and directories, Microsoft Virtual Server, Microsoft Office SharePoint Server, SQL Server, and Microsoft Exchange Server; Hyper-V support is expected to be added soon.
By concentrating on these key server applications, Microsoft hasn’t had to dilute DPM’s functionality to cover many different platforms, messaging systems, or databases. Instead, the solution focuses on how the covered services work and store data. In addition, DPM takes advantage of the applications’ native capabilities for restoring data; for example, DPM uses Exchange Recovery Storage Groups for certain types of Exchange restoration. This ability to tap into native restoration processes is a key feature of DPM: Remember, you don’t do backups simply to have a copy of the data; you do backups to facilitate restoration. When you look at data protection solutions, you need to consider how they perform restorations and what capabilities they provide.
A question you might have already is, “Well, what type of data protection does DPM provide—is it continuous data protection (CDP) or is it the same as my nightly backup to tape?” The answer is both. DPM is natively a disk-based backup and recovery solution. Information gathered from its protected clients is stored to disk, but these disk-based snapshots can also be written to tape for archival purposes, which is a new feature in DPM 2007. You can even skip the disk backup and go straight to tape.
I’ve had many clients ask if DPM replaces their existing backup solution. For environments that are pure Microsoft, the answer is that it probably can. If your environment has a mixture of OSs, you’ll need a different backup solution, but you could still leverage DPM’s data protection for the Microsoft portions of the environment.
How It Works
To collect data from protected clients, DPM requests Microsoft Volume Shadow Copy Service (VSS) snapshots. DPM stores the snapshots on its available disks, which can be DAS, iSCSI SAN, or Fibre Channel SAN. This collection method works well for DPM because each of the DPM-protected applications has a VSS writer written by the product’s development team; for example, an Exchange 2007–specific VSS writer is installed as part of Exchange 2007. These VSS writers have the built-in intelligence needed to ensure the snapshot contains all the required information so that its integrity is guaranteed; for example, the writers make sure that transactions have been flushed completely and that a copy isn’t taken halfway through a write to the database.
Also, the snapshots are smart: Only the delta information between the current and previous snapshot is sent to the DPM server. This feature is known as an express full backup. So even though you have 5TB of Exchange storage, for example, the changed data sent to the DPM server for each snapshot might be only a few hundred megabytes. Therefore, DPM bandwidth use is low, so you can perform snapshots frequently. In fact, you can take a snapshot as often as every 15 minutes and can keep as many as 512 snapshots online, allowing highly granular restoration.
DPM can also collect transaction log data. Gathering transaction logs is separate from taking a snapshot, so you could perform a snapshot once a day and collect transaction logs every 15 minutes. If you needed to restore in this example, you would restore the snapshot, then replay all the transaction logs you’d collected since the snapshot—all automatically. By setting a 15-minute snapshot interval, you can be assured the maximum data loss would be less than 15 minutes, assuming a crash occurs just before the next snapshot was to be taken. However, when you combine the snapshot interval with the ability to replay transaction logs from the supported applications, you actually have a zero-loss solution and essentially a CDP environment—assuming you follow best practices by placing the databases and transaction logs on separate disks. Of course, if the transaction logs aren’t available or the protected data doesn’t have transaction logs, it’s still possible to have less than 15 minutes of data loss using snapshots. Figure 1 shows DPM’s VSS-based backup process.
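The restore arithmetic described above, as an added example (not code from the article or from DPM): it picks the latest snapshot held on the DPM server, replays the transaction logs that were synchronized after it, and reports the resulting data-loss window. It also checks an interval and retention pair against the 512-snapshot figure; the function names, the sample date, and the assumption that the number of online snapshots equals retention divided by interval are assumptions of this example.

```python
from datetime import datetime, timedelta

MAX_ONLINE_SNAPSHOTS = 512  # online snapshot limit quoted in the article


def schedule(start, end, every):
    """Constructed helper: timestamps from start up to (not including) end."""
    times, t = [], start
    while t < end:
        times.append(t)
        t += every
    return times


def recovery_point(failure, snapshots, log_syncs=(), live_logs_intact=False):
    """Return (restore_to, data_lost) for a failure at `failure`.

    snapshots        -- times of snapshots already held on the DPM server
    log_syncs        -- times transaction logs were synchronized to DPM
    live_logs_intact -- True when the production log disk survived, which is
                        why databases and logs belong on separate disks
    """
    usable = [s for s in snapshots if s <= failure]
    if not usable:
        raise ValueError("no snapshot precedes the failure; nothing to restore")
    base = max(usable)                          # step 1: restore latest snapshot
    if live_logs_intact:
        return failure, timedelta(0)            # replay surviving logs to the end
    replayable = [t for t in log_syncs if base < t <= failure]
    restore_to = max(replayable, default=base)  # step 2: replay synced logs
    return restore_to, failure - restore_to


def snapshots_online(interval, retention):
    """Snapshots kept online (assumption: retention divided by interval)."""
    return retention // interval


def fits_online_limit(interval, retention):
    return snapshots_online(interval, retention) <= MAX_ONLINE_SNAPSHOTS


if __name__ == "__main__":
    day = datetime(2008, 10, 1)                 # constructed sample date
    crash = day + timedelta(hours=13, minutes=50)
    daily = [day]                               # one snapshot at 00:00
    logs = schedule(day, day + timedelta(days=1), timedelta(minutes=15))
    cases = [
        ("daily snapshot only", dict(snapshots=daily)),
        ("daily snapshot + 15-min log sync",
         dict(snapshots=daily, log_syncs=logs)),
        ("same, production logs intact",
         dict(snapshots=daily, log_syncs=logs, live_logs_intact=True)),
    ]
    for label, args in cases:
        restore_to, lost = recovery_point(crash, **args)
        print(f"{label:34} restore to {restore_to:%H:%M}, lost {lost}")
    quarter_hour = timedelta(minutes=15)
    for days in (5, 6):
        n = snapshots_online(quarter_hour, timedelta(days=days))
        ok = fits_online_limit(quarter_hour, timedelta(days=days))
        print(f"15-min snapshots kept {days} days: {n} online, fits={ok}")
```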
Virtual environments are becoming mainstream, so you might wonder how DPM supports virtual environments. Microsoft Virtual Server 2005 R2 SP1 provided us with a recursive VSS writer, which means that when DPM requests a VSS snapshot of a virtual machine (VM), the Virtual Server VSS writer informs the guest OS that a VSS snapshot will be taken, and the VSS writers in the guest are called to ensure the data within the host is in a consistent state. For example, if a VM is running Exchange, the Virtual Server VSS writer tells the guest OS a snapshot is being taken, which then tells the virtualized Exchange server’s VSS writer to run. If a guest VM is running an OS that doesn’t support VSS, DPM puts the VM in hibernate mode just long enough to get the snapshot, then lets it resume.
The deployment topology you use depends on the requirements of your organization—the speed at which you want to be able to restore data, what functionality you plan to offer to end-users, and of course your available hardware and budget. DPM has three main storage combinations you can deploy:
- Disk to disk—This is the preferred option for DPM; it essentially takes the snapshot information from the protected disks and stores the information on storage managed by the DPM server.
- Disk to disk to tape—In this scenario, data from the protected clients is protected primarily on DPM disk storage but is also periodically written to tape.
- Disk to tape—This method is effectively using DPM as a tape backup program; it takes data from the protected clients and writes it directly to DPM-attached tape devices.
If you plan to use any disk-based protection, your DPM server should have at least twice as much disk space as the data it’s protecting. Remember, DPM isn’t just storing the data, but also the changes in the data over a potentially long period of time, which is why you need additional storage space. To get an exact disk space amount, download the DPM 2007 Storage Calculator from Microsoft’s website. The calculator is a Microsoft Excel spreadsheet that provides you with detailed storage requirements based on information you enter about your environment.
In smaller environments, DPM could be used just as the manager for nightly backups to tape. However, because storage can be easily added to DPM, the data protection could later be shifted to disk-based storage, which is commonly far more reliable than tape backups. Also, because the disk-based backup is always on, you can choose to let users restore certain types of information themselves, such as files and folders—a very appealing notion that can reduce administrator overhead incurred searching through tapes.
You need a management license (ML) for each client you wish to protect with DPM. DPM 2007 comes with two types of ML. A standard ML is required for servers on which you wish to perform only file- and folder-level protection (i.e., your file servers and typical servers and desktops); a standard ML also includes protected system state on servers such as domain controllers. You need an enterprise ML for servers that require application-level protection (i.e., servers running SQL Server, Exchange, Virtual Server, or SharePoint). MLs are in addition to purchasing the DPM server product but are provided as part of certain enterprise suites.
Installing DPM 2007
The DPM 2007 server runs on Windows Server 2008 or Windows Server 2003, with both x86 and x64 architectures supported; 64-bit is the recommended platform. The DPM server should be dedicated to DPM; you can’t install DPM on a domain controller or on any type of application or management server. In addition to the disk space requirements I mentioned earlier, if you’re setting up disk-to-disk protection, your DPM server should have at least 2GB of memory. The pagefile also needs to be larger than the typical recommendation for a server, which is based on the memory in the physical server: increase it by 0.2 percent of the size of all protected data. For example, if you have 1TB of protected data, you should increase your pagefile size by 2GB (1TB = 1000GB, 0.2% × 1000GB = 2GB).
DPM uses a SQL Server database to store configuration and indexing information, and this database is the source of DPM reporting. This database can be installed either locally on the DPM server during DPM installation or on an existing SQL Server instance. If you choose to use a remote instance, you just give DPM the name of the SQL Server instance during installation and a set of credentials it can use to create a new database on that instance. The SQL Server instance that’s part of DPM is a standard edition of SQL Server 2005 SP2 embedded in the DPM 2007 media, but it’s locked down so that the database can be used only by DPM.
There are several prerequisites for Windows Server 2003 boxes, including a VSS rollup patch, and you need to download and install Windows PowerShell. These steps aren’t needed on Server 2008 because the VSS fix is part of the OS as is PowerShell—viva Windows Server 2008!
DPM installation is a simple process driven by a wizard that starts by performing prerequisite checks to ensure your system meets all requirements; if it detects problems, it displays the corrective action. As Figure 2 shows, DPM requires the Single Instance Store (SIS) component to ensure the most efficient storage of its content. If a required component isn’t installed, the wizard displays the command necessary to install it.
The rest of the setup wizard guides you through selecting a SQL Server instance or installing SQL Server locally, and it adds additional features and roles that are needed on the server, such as Microsoft IIS and PowerShell. The installation process can take some time because of the number of components potentially being installed, and when installation is complete you must reboot the server. The setup wizard displays a link to the main DPM page on Microsoft’s website where you can go to get updates for DPM.
Setting DPM Storage
When the installation is complete and you’ve rebooted the server, you need to provision the disk and tape devices that DPM will use. I’ll focus on adding disk resources because this is the most common form of protection with DPM. You manage DPM 2007 primarily via the Administrator Console, which is broken down into sections for Monitoring, Protection, Recovery, Reporting, and Management. You use the Management section to add target storage disks. DPM can use any disk that the OS considers a fixed disk, including dynamic disks. You can’t use USB- or FireWire-attached devices as storage areas for DPM. In addition, the volume that DPM is installed on can’t be used as storage for DPM. Remember, you don’t need to add any storage for DPM to use if you’re using the disk-to-tape topology.
As Figure 3 shows, any disks suitable for use by DPM are displayed on the Disks tab of the Management section. You simply select the disks you wish to use for DPM storage, click Add, then click OK. The selected disks are converted to dynamic disks, and any existing volumes are converted to simple volumes. The process for selecting tape drives is the same, but you select the Libraries tab and perform a Rescan action first, then the console displays any supported tape drives.
Deploying DPM Agents
You now have a deployed DPM server. You have storage configured for storing snapshots of protected data. The only thing you’re missing is a way to actually gather those snapshots. For that, you need to deploy the DPM agent to each server and location you want DPM to protect.
You can deploy the DPM agent in numerous ways because the agent is provided as a Windows Installer (.msi) file, found in the C:\Program Files\Microsoft DPM\DPM\Agents folder of your DPM server. You can deploy the .msi file by using Group Policy or by using management products such as SCCM 2007 or SMS 2003. You can, of course, push the agent by using the Agents tab of the Administrator Console. Click Install in the Actions pane to launch the Protection Agent Installation Wizard, which displays a list of all computers in the domain. As Figure 4 shows, you can select multiple computers for agent deployment. Next, you’ll need to enter a set of credentials with permission to install software on the servers you selected, such as a domain administrator account. You also choose whether the servers should be automatically restarted; you have to reboot because you’re essentially injecting a filter driver into the file system stack.
I didn’t have much success installing agents with this method. Even after turning off the firewall entirely, the agent still didn’t push. Granted, I was trying to install onto Server 2008 boxes, and I found the Help files particularly unhelpful. The manual installation method using DPMAgentInstaller worked great, though!
The Agents folder contains two subfolders, RA and AC, because the DPM agent consists of two components: the actual protection agent (RA folder) and an agent coordinator (AC folder). However, you need to run only DPMAgentInstaller.exe from the RA folder (or DPMAgentInstaller_AMD64.exe for the 64-bit version). When you run the installer manually, you specify the DPM server name—although if you don’t, you can configure it later via the SetDpmServer.exe program that gets installed on the server. The following example shows the command to run the installer on a 64-bit client:
This command installs the DPM protection agent and configures the firewall to allow DPM communication. After the servers are rebooted, you can connect them to your DPM server using PowerShell commands via DPM Management Shell, which you can access on the DPM server. Because the agent wasn’t pushed from DPM, this connection step is necessary so DPM knows the agent is deployed to the server. In the PowerShell command, you pass the name of the DPM server and the name of the server you installed the agent on, as follows:
.\Attach-ProductionServer.ps1 savdaldpm01.savilltech.net savdalsql01.savilltech.net
You can use this manual method of agent installation if you want to integrate the DPM agent into a server image. Just run DPMAgentInstaller on your reference machine, then capture the image. When you deploy the image to other servers, you’ll need to run the Attach-ProductionServer script on the DPM server and specify the names of the newly deployed servers.
Setting Up Protection Groups
The final step is to create a protection group for the computers that you want to protect. You create protection groups via the Protection area of the Administrator Console. Click Create protection group in the Actions pane to launch the Create New Protection Group Wizard, and you’re shown a list of all the servers that have the DPM agent installed. As Figure 5 shows, you can see the volumes, shares, and application-specific protectable units, such as Exchange storage groups, VM instances, and SQL Server databases. You can restore smaller units than these, but for establishing protection, you have quite broad options, which basically tie in to the methods the application-specific VSS writers supply.
After you select the data to protect, you’re prompted for how to protect it—for example, to disk or to disk and tape. Specific applications give you additional protection options; for example, when protecting Exchange stores, you can choose to run Eseutil on the DPM copy of data to ensure data integrity, but you’ll need to be sure to copy the required files to the DPM server. As Figure 6 shows, if you select an option without the appropriate prerequisites installed, DPM warns you and provides full information as to the exact files required and where to copy them.
With disk-based protection, you need to specify how long protected data is retained, which by default is five days. Then you specify how often data should be synchronized to the DPM server; what you choose here will vary based on what data you’re protecting. For example, with Exchange and SQL Server, by default transaction-based data (i.e., transaction logs) is synced to the DPM server every 15 minutes, but you can change the interval to as long as once every 24 hours. You also set how often DPM performs an express full backup, which, remember, sends only changes since the last backup.
If you’re protecting file-based data, you can select how often to sync changes and how often you want to create file recovery points, which are created three times a day by default. Recovery points are the times that will be available to clients to select point-in-time views of file resources. I’ll cover the different ways data is captured in more detail in “DPM 2007: Protecting and Restoring Data,” available in November on windowsitpro.com. After you’ve made these selections, the wizard informs you of the amount of disk space required for the selected members and the amount of space that will be allocated.
If you have tape drives attached, you can configure your long-term recovery goals by setting how many weeks, months, or years of data you want to keep and how often you want to create tape-based backups; the default backup period is weekly. You also need to specify which tape library to use as well as compression and encryption options.
Finally, you can select how the data is transferred from the member server to the DPM server for the initial replica. Typically, this replica is copied immediately over the network, but you can configure this copy to be performed later or you can elect to manually copy the data over via removable media if you have a large amount of data.
You now have protected information via DPM 2007!
A Versatile Solution
You might be worried about having a single central DPM server responsible for all of your data protection. What happens if you lose your DPM server? The answer is to use another DPM server. You can configure a second DPM server to protect the primary DPM server. For instance, you could have a DPM server in Dallas collecting data from all your servers in Dallas. You can have another DPM server in Orlando that’s configured to protect the DPM server in Dallas. All the protected data on the Dallas DPM server is sent to the Orlando DPM server—and the even better news is that the Orlando DPM data maintains the same formatting as the original Dallas data. Therefore, you can restore data from the Orlando DPM server directly to one of the protected Dallas servers; you don’t have to restore the Orlando backup to the Dallas DPM server first. You could even use disk-to-disk protection on the Dallas DPM server, then use disk-to-disk-to-tape protection on the Orlando DPM server, giving you offsite tape backups of the Dallas data. If you use a SAN for the original DPM storage location, you already have a highly available platform for your data, which is probably the best way to go if you have large amounts of data.
Microsoft has done a great job making DPM an automated and intuitive solution. You should now have a good grasp of the general DPM product and what’s involved in setting it up, which I think you’ll agree isn’t too difficult. In the next article, I’ll show you how to use DPM to protect specific types of data, namely Exchange and SQL Server, plus how to recover data with DPM, including end-user self-recovery and bare-metal recovery scenarios. I’ll also go into more detail about how data is copied over to the DPM server, using combinations of full backups and transaction-based transmissions.
For now, get DPM installed in your lab and start playing! Microsoft has trial versions available for download, and I think you’ll agree this is one cool solution. Now, if only they would just fix some of the Help files.