Purpose

This article provides information about protecting VMware Cloud on AWS with IBM Spectrum Protect Plus 10.1.5 or later.  For more information about supported versions of IBM Spectrum Protect Plus, see IBM Spectrum Protect Plus support for VMware Cloud on AWS.

Disclaimer: The partner solution referenced in this article is a solution that is developed and supported by a partner. Use of this product is also governed by the end user license agreement of the partner. You must obtain from the partner the application, support, and licensing for using this product. For more information, see IBM Spectrum Protect Plus.

Resolution

Here is a summary of target use cases, solution architecture, solution components, and support information.

Use cases that are supported on VMware Cloud on AWS

IBM Spectrum Protect Plus provides data protection for virtual machines managed by a VMware Cloud on AWS SDDC and supports these use cases:

• Virtual machine data protection providing backup to a centralized IBM Spectrum Protect Plus vSnap server.
• Incremental forever virtual machine backup using VMware’s Change Block Tracking (CBT) feature to reduce the daily backup workload to only data that has changed since the previous backup operation
• Data compression and data deduplication at the backup source or target.
• Automatic discovery of new virtual machine inventory without having to modify existing data protection policies.
• Recovery of a virtual machine within a VMware Cloud on AWS SDDC either to replace a failed machine or as a new virtual machine entity including virtual network (NSX) definitions.
• HotAdd transport mode. The VADP proxy needs to have access to the datastore being backed up (For example: running on a host that has access to the datastore).

Use cases that are not supported on VMware Cloud on AWS

These use cases are not supported by IBM Spectrum Protect Plus when deployed in a VMware Cloud on AWS SDDC:

• Use of the vSphere Web Client or vSphere Client plugins for IBM Spectrum Protect Plus.
• Ability to instantly access a virtual machine image by accessing data directly from the IBM Spectrum Protect Plus backup storage. Ability to instantly restore a virtual machine by accessing data directly from the IBM Spectrum Protect Plus backup storage and migrating the storage to vSAN storage located in the SDDC using Storage vMotion.
• Recovery of virtual machines outside of the SDDC.
• NBD, NBDSSL, and SAN transport modes.

Solution Architecture

The recommended architecture for protecting virtual machines in a VMware Cloud on AWS SDDC allows a customer to protect virtual machine workloads within the SDDC by providing backup to a centralized vSnap server outside of the SDDC and as shown in the diagram below:



The IBM Spectrum Protect Plus components for this solution are:

• IBM Spectrum Protect Plus server which provides automated, centrally scheduled, policy-managed backup capabilities for virtual machines and other workloads. This server will be responsible for moving data from the SDDC datastore to the vSnap server for backup and recovery operations. This component is installed in the VMware Cloud on SDDC.
• vSnap backup storage which will consist of disk-based storage organized in storage pools. The storage can be in the customer’s AWS VPC or on-premise. The vSnap server must be located outside of the SDDC.
• VADP proxy that must be located inside the SDDC. This proxy server must be connected to datastore in the SDDC. This will allow the use of HotAdd transport mode for backups.
• Another recommendation is to also have a separate cloud storage to offload the backup data from the vSnap server. This cloud-based offload target must be a certified object storage environment. The cloud storage can be AWS S3, IBM COS, Azure Blob or any S3 compatible storage.

Solution Components

The following components are required for data protection of virtual machines in VMware Cloud on AWS:

• IBM Spectrum Protect Plus Server 10.1.5 or later.
• IBM Spectrum Protect Plus vSnap Server 10.1.5 or later.
• IBM Spectrum Protect Plus VADP Proxy 10.1.5 or later.

Detailed information about the solution can be found in the IBM Knowledge Center.

Installation and Configuration

Installation and configuration of the IBM Spectrum Protect Plus server component can be found in the Installing IBM Spectrum Protect Plus.

Steps to install and configure IBM Spectrum Protect Plus server

1. Review the IBM Knowledge Center article: Installing IBM Spectrum Protect Plus.
2. Deploy the IBM Spectrum Protect Plus OVA in the SDDC.
3. Deploy the IBM Spectrum Protect Plus vSnap OVA in AWS or on-premise.
   
   a. If deploying IBM Spectrum Protect Plus vSnap server in AWS, review the deployment guide for Spectrum Protect Plus on AWS: IBM Spectrum Protect Plus on AWS Deployment Guide. When deploying in AWS, it is recommended to deploy to the connected VPC in SDDC.
       
4. Ensure that there is communication between the IBM Spectrum Protect Plus server and the vSnap backup server.
5. Launch the IBM Spectrum Protect Plus user interface and register the vSnap server as a backup storage disk. This will set up the storage pool on the vSnap server.
6. Deploy a VADP proxy to backup data from the datastores to the vSnap server. Review the requirements for a VADP proxy: VADP Proxy Requirements.
7. Navigate to System Configuration > VADP Proxy to make edits to the VADP Proxy. For any VADP Proxy that is registered in IBM Spectrum Protect Plus, select the ellipsis (…) and select proxy options.
   
   a. Confirm that the correct site is being used for the VADP Proxy.
   b. For “Transport Modes”, only HotAdd should be selected. De-select any other transport mode besides HotAdd.
    
8. Navigate to Manage Protection > Hypervisors > VMware. Click the button “Manage vCenter” to expand the list of vCenters. Click the button “Add vCenter” which opens a form to register the vCenter Server.
   
   a. Enter the fully qualified domain name of the vCenter Server.
   b. Enter the vCenter Server Username and Password.
    
9. Navigate to Job and Operations and confirm that the “Hypervisor Inventory” job completes.
10. To back up a VM, add the VM to an SLA policy.
    
    a. Navigate to Manage Protection > Hypervisors > VMware and click on the vCenter link in the VMware Backup section to expand the list of virtual machines.
    b. Select the virtual machine to be backed up and click the “Select SLA Policy” button. Select the SLA policy for the VM.
    c. Under the SLA Policy Status section, expand the action menu and click the start option. This will start the backup of the virtual machine.
    d. To view the status of the backup job, navigate to Job and Operations and look for the job under the Running Jobs tab.

VMware Cloud on AWS Network configuration

Review the information about Required communications ports in the IBM Knowledge Center to configure the appropriate ports between the IBM Spectrum Protect Plus components and the VMware Cloud on AWS components.

At a minimum, you will need to create an inbound rule for port 443 as shown in the VMware on AWS console screenshot below:

Interoperability with VMware Cloud on AWS product features

The IBM Spectrum Protect Plus solution provides data protection for virtual machines deployed in SDDC on VMware Cloud on AWS. It is not intended to provide protection for hybrid solutions such as protecting virtual machines in a traditional data center (or traditional vSphere datacenter) and recovering the virtual machine to a SDDC or visa-versa.

Support Information

• For information on troubleshooting and collecting IBM Spectrum Plus logs, see IBM Support article.
• To download entitled software from IBM, visit Passport Advantage to download the most purchased software products, or My Entitled Systems Support to download system software.
• For more information about support, see the IBM Support home page.
• Information about IBM Spectrum Protect Plus product messages can be found in this IBM Knowledge Center article.

For more information on IBM Spectrum Protect and IBM Spectrum Protect Plus, see the IBM Spectrum Protect Plus home page.