AWS Storage Blog

Backup and restore on-premises VMware virtual machines using AWS Backup

VMware virtual machines (VMs) can run in a number of environments, and whether they run on-premises, in the cloud, or in a hybrid environment, one thing remains the same: backing up your virtual machines is an important step toward meeting business continuity and regulatory requirements. For VMware users, figuring out the best method of backing up VMs requires consideration of numerous factors, including cost, the ability and ease of recovering backed up data, and the operational overhead of managing backups. As a VMware VM user, you might be wondering how you can automate, centralize, and scale your data protection and backup solution, all without additional operational complexity or burdensome costs, especially when managing a hybrid infrastructure.

AWS Backup extended its support and can now back up VMware, a capability that enables you to centralize and automate data protection of VMware virtual machines (VMs) running on premises, on VMware Cloud on AWS Outposts, and in VMware Cloud on AWS. You can now use a single, centrally managed policy in AWS Backup to protect these VMware environments. You can also use AWS Backup to restore VMware workloads to on-premises data centers, VMware Cloud on AWS Outposts, and VMware Cloud on AWS. Additionally, you can restore individual virtual disks that are attached to your VMware virtual machines to a VM in another VMware environment or in AWS as an Amazon Elastic Block Store (EBS) volume.

In this blog post, we provide step by step guidance to protect VMware workloads both on-premises and in the cloud as VMware Cloud on AWS. We walk you through the process of setting up your backup gateway, adding your hypervisor and creating backup for your on-premises VMware virtual machines. We also provided guidance on restoring your virtual machine backups. With AWS Backup, you can automate, centralize, and scale your VM data protection solution cost effectively and with minimal additional operational complexity.

Solution overview

This deployment involves opting in to take virtual machine backups and deploying a backup gateway using the OVF template downloaded from the AWS Backup management console. This is to connect the AWS Backup service to your on-premise VMware hypervisor to detect all the virtual machines for backup and restore purpose. The hypervisor is set up on the AWS Backup management console so that the backup service can backup the discovered VMs. The virtual machines can be tagged to add them to a backup plan or assigned to backup plans with their resource IDs.

Prerequisites

  1. The VMware ESXi versions should be either 6.7 or 7.0.
  2. VMs should be running on NFS, VMFS, and VSAN datastores on premises and in VMware Cloud on AWS.
  3. Deploy an AWS Backup gateway to your VMware infrastructure to connect your VMware VMs to AWS Backup.

Let’s see how this works in practice.

Walkthrough

For this walkthrough, we are using an on-premise VMware environment. We deploy an OVF template on this VMware set up and connect the VM workloads to AWS Backup. You must verify that you have met all the network configuration requirements for the operation of the AWS Backup gateway that you will deploy.

To start off, sign in to the AWS Mangement Console and search for AWS Backup. Once identified, click on the search result to take you to the AWS Backup console. Navigate to the left menu and choose Settings.

To opt-in for Virtual Machine backup, select the Configure resources button at the top of the screen and toggle the status of VMware virtual machines to Enabled.

Figure 1.0: AWS Backup Service opt-in wizard.

Figure 1.0: AWS Backup Service opt-in wizard

  1. Create a backup gateway using the AWS Backup console.

On the left menu of the AWS Backup console, under the External resources section, choose Gateways, and then Create gateway. The purpose of this gateway is to connect the AWS Backup service to your hypervisor and consequently discover your virtual machines and back up and restore them. Download the OVF template and deploy it on your on-premises VMware ESXi host following the instructions on the Set up gateway section of the page.

Figure 1.1: AWS Backup Gateway wizard.

Figure 1.1: AWS Backup Gateway wizard

  1. Deploy the OVF template in your on-premise VMware ESXi host.

In your VMware set up, choose to deploy a new virtual machine and select Deploy a virtual machine from an OVF or OVA file option, select Next and give the gateway a name. Click to select files or drag/drop the OVF file that was downloaded for the gateway deployment and upload the saved OVF template aws-appliance-latest.ova so that it can be used for the deployment. Select Next.

Figure 2.0: Create/Deploy virtual machine wizard.

Figure 2.0: Create/Deploy virtual machine wizard

Under Select storage, choose the datastore to install the gateway and continue to the Next page to select Deployment options. In the Disk provisioning field, choose the Thick option and leave other parameters as default. On the Ready to complete summary page, select Finish to proceed with the deployment.

Figure 2.1: Ready to complete virtual machine deployment wizard.

Figure 2.1: Ready to complete virtual machine deployment wizard

In the Recent tasks pane, down the vSphere client browser page, you can confirm the task is already running. It may take up to three hours for this deployment to complete.

  1. Configure your Backup Gateway.

Log in to the local console of the newly deployed backup gateway (the default username is “admin” and password is “password”) and set a static IP for your gateway and test network connectivity. If a dynamic IP is allocated to your gateway, a reboot of the gateway will change the IP, which may affect the success of your backup due to network issues. On the backup gateway configuration page, type “2” at the prompt to see the Network Configuration.

Figure 3.0: AWS Backup Gateway Configuration terminal.

Figure 3.0: AWS Backup Gateway Configuration terminal

In Network Configuration, type “1” to enter Describe Adapter.

Figure 3.1: AWS Backup Gateway network configuration terminal.

Figure 3.1: AWS Backup Gateway network configuration terminal

In Describe Adapter, capture network information such as IP, default gateway, and network mask, which are required to configure a static IP for the AWS Backup gateway.

Figure 3.2: AWS Backup Gateway describe adapter terminal.

Figure 3.2: AWS Backup Gateway describe adapter terminal

Press enter to return to the Network Configuration page and type “3” to configure the static IP.

Figure 3.3: AWS Backup Gateway Network Configuration terminal.

Figure 3.3: AWS Backup Gateway Network Configuration terminal

Provide the appropriate network adapter, current IP address of the gateway, and netmask to make it static.

Figure 3.4: AWS Backup Gateway Configure Static IP terminal.

Figure 3.4: AWS Backup Gateway Configure Static IP terminal

On the next page, enter “x” to complete your network configuration and exit. Confirm the gateway can be restarted.

Figure 3.5: AWS Backup Network Configuration terminal.

Figure 3.5: AWS Backup Network Configuration terminal

After the installation is done, you can test the network connectivity by typing “3”at the prompt on the AWS Backup gateway configuration page. Then press enter to run the network test.

Figure 3.6: AWS Backup nework connectivity test terminal.

Figure 3.6: AWS Backup nework connectivity test terminal

  1. Complete the backup gateway set up and connect to your hypervisor through the gateway.

To complete the gateway setup, on the AWS Backup console, on the Create gateway page, under Gateway settings, provide the gateway name and the IP address of the gateway. Select the Create gateway button.

Figure 4.0: AWS Backup create gateway wizard.

Figure 4.0: AWS Backup create gateway wizard

The gateway is successfully created.

Figure 4.1: AWS Backup gateway page.

Figure 4.1: AWS Backup gateway page

Navigate to the left menu and select Add Hypervisor, provide the hypervisor name, vCenter server host name or IP address, the username and the password of the vCenter server host, encryption key (optional) and the appropriate gateway you want to use to connect to your hypervisor. After supplying all the required parameters, select Add hypervisor.

Figure 4.2: AWS Backup Add hypervisor wizard.

Figure 4.2: AWS Backup Add hypervisor wizard

After adding the hypervisor to the AWS Backup console, the virtual machines hosted on the hypervisor are displayed under Virtual Machine in the AWS Backup Console.

Figure 4.3: AWS Backup hypervisor summary page

Figure 4.3: AWS Backup hypervisor summary page

You can associate a backup tag (key:value pair) to the virtual machine(s) to backup the VMs using tags. In this walkthrough, we show an example of backing up VMs using tags. You can also choose the option to back up your virtual machines by their resource IDs.

To tag the VMs for backup, select a VM and select the Manage tags button to add the key:value pairs to be used for backup. In this demonstration, we use “backup” as our key and “yes” as the value. Save the tag.

Figure 4.4: AWS Backup virtual machine summary page

Figure 4.4: AWS Backup virtual machine summary page

  1. Create a backup plan and assign resources.

Navigate to the left menu and select Create Backup plan, choose to build a new plan and provide the name of the backup plan, backup rule name, backup vault, backup frequency and the backup window, transition to cold storage and retention period parameters.

Once the plan has been successfully created, select Assign resources button, provide the resource assignment name and for the IAM role parameter, leave the selection as Default role. Select VirtualMachine as your specific resource type and add your backup tags in the key:value pair boxes under the Refine selection using tags. Select Assign resources button.

Figure 5.0: AWS Backup assign resource wizard

Figure 5.0: AWS Backup assign resource wizard

The backup job is triggered according to schedule and the backup job status changes from Created to Pending and then to Running. You can verify this by navigating to Jobs on the left menu and see the running job(s) for resource type VMware virtual machines. On the successful completion of the backup job, the status of the job will change to Completed and a recovery point is created and stored in the backup vault for the plan.

Figure 5.1: Showing the backup job in running state

Figure 5.1: Showing the backup job in running state

Figure 5.2: Showing the completed backup job

Figure 5.2: Showing the completed backup job

You can also create an on-demand backup by following the steps in the AWS Backup Developer Guide at Create an on-demand backup.

  1. Perform a full VMware restore.

In the AWS Backup console, navigate to Protected Resources. Select the Protected Resource ID that you want to restore. On the Resource details page, select the Recovery point ID you want to perform the VM restore from, and then select the Restore button. Select Full restore and Provide the restore parameters like the restore location, hypervisor to restore to, virtual machine name, path, compute resource name and datastore. Choose the default role for the restore and select Restore backup.

Figure 6.0: AWS Backup restore backup wizard

Figure 6.0: AWS Backup restore backup wizard

To see the restore job, navigate to Jobs on the left menu and select the Restore jobs tab. The restore job is triggered, and the restore status changes from Pending to Running. Once the virtual machine has been successfully restored to the ESXi Host, the restore status changes to Completed.

Figure 6.1: Showing the completed restore job

Figure 6.1: Showing the completed restore job

On the VMware web client, you can verify a new virtual machine was created with the name on the ESXi Host.

Figure 6.2: The virtual machine created by the restore job

Figure 6.2: The virtual machine created by the restore job

  1. Perform a restore virtual machine disks (VMDK) restore.

In the AWS Backup console, navigate to Protected Resources. Select the Protected Resource ID that you want to restore. On the Resource details page, select the Recovery point ID you want to perform the VM restore from, and then select the Restore button. Select Disk-level restore and and Provide the restore parameters like the restore location, VMware disk bootable disk to restore, hypervisor to restore to, virtual machine name, path, compute resource name and datastore. Choose the default role for the restore and select Restore backup.

Figure 7.0: AWS Backup restore backup wizard.

Figure 7.0: AWS Backup restore backup wizard

To see the restore job, navigate to Jobs on the left menu and select the Restore jobs tab. The restore job is triggered, and the restore status changes from Pending to Running. Once the virtual machine has been successfully restored to the ESXi Host, the restore status changes to Completed.

Figure 7.1: Showing the completed restore job.

Figure 7.1: Showing the completed restore job

On the VMware web client, you can verify a new virtual machine was created with the name on the ESXi Host.

Figure 7.2: The virtual machine created by the restore job.

Figure 7.2: The virtual machine created by the restore job

  1. Perform an EBS volume restore.

In the AWS Backup console, navigate to Protected Resources. Select the Protected Resource ID that you want to restore. On the Resource details page, select the Recovery point ID you want to perform the VM restore from, and then select the Restore button. Select Disk-level restore and provide the restore parameters like the Restore location, VMware disk bootable disk to restore, EBS Volume type, Availability Zone, and Encryption Key. Choose the default role for the restore and select Restore backup.

Figure 8.0: AWS Backup restore backup wizard.

Figure 8.0: AWS Backup restore backup wizard

To see the restore job, navigate to Jobs on the left menu and select the Restore jobs tab. The restore job is triggered, and the restore status changes from Pending to Running. Once the virtual machine has been successfully restored to the ESXi Host, the restore status changes to Completed.

Figure 8.1: Showing the completed restore job for EBS volume

Figure 8.1: Showing the completed restore job for EBS volume

Cleaning up

To clean up your account after deploying the solution outlined in this blog post, refer to the AWS Backup Developer Guide for deleting backups, deleting a backup vault, and deleting a backup plan. To delete both the restored virtual machine and the virtual machine that was backed up, refer to VMware Docs on remove VMs or VM Templates from vCenter Server or from the datastore. Finally, delete the AWS Backup gateway.

Conclusion

AWS Backup support for VMware virtual machines enables a convenient option for you to centrally manage your virtual machine backups at scale and meet business continuity and regulatory requirements. It takes away the burden of managing the infrastructure of backing up your critical applications on VMware virtual machines in a cost effective and efficient way. It also provides the flexibility of restoring your backups to on-premise environment or AWS cloud. In this post, we demonstrated how you can deploy your backup gateway, add your hypervisor and take the backup of your virtual machines. You also able to restore the whole VM backup or individual disks as the business may require in a timely and efficient manner.

Using the new features described in this post, you can now use AWS Backup to backup and restore on-premises VMware virtual machines.Thanks for reading this blog post! If you have any comments or questions, don’t hesitate to leave them in the comments section. To learn more about AWS Backup, read our documentation.

Olumuyiwa Koya

Olumuyiwa Koya

Olumuyiwa Koya is a Technical Account Manager at AWS, Olumuyiwa and has over 11 years’ of experience in Enterprise storage, virtualization, and Enterprise backup. He enjoys interfacing with AWS customers to help them innovate and build solutions. Outside of work, Olumuyiwa enjoys traveling and playing soccer.

Ezekiel Oyerinde

Ezekiel Oyerinde

Ezekiel Oyerinde is a Senior Cloud Engineer with AWS and spends most of his time helping customers with their storage and backup solutions in the cloud. He has many years of experience working with Storage and Backup solutions, Unix Systems, Virtualization platforms, and Data Center environment. He is very passionate about technology. Outside of work, he enjoys spending time with his family and exploring new places.