Comprehensive data protection for all workloads
Post Reply
syscons
Veeam Vanguard
Posts: 13
Liked: 1 time
Joined: Oct 24, 2017 6:40 pm
Full Name: Jochen Seeger
Contact:

Some feature requests from an Enterprise Customer

Post by syscons »

Hello!

I am working with a large Enterprise Customer and we came across some Issues where the Customer is missing Features / having Problems

1) Full VM Restore via Enterprise Manager:
The customer has different Partners for their technologies, only the Backup Partners (we) have Access to the VBR Console, everybody else should be able to restore via EM. We came across a Problem with the VMware guys. When they need to do a Full VM Restore they are not able to specify a different Host / Datastore and so on via EM. This is a massive Problem because most of the times they need to specify different Settings

2)NFS Mounts after Restore
Veeam keeps the NFS Mounts on the ESXi Host after a Restore to speed up the next Restore task, this is challenging for the Customer because they have strict Monitoring Rules regarding Datastore Mounts and it always leads to confusion and problems. I know abot the script from Niels which i could run every few hours but it would be nice to get a "out-of-the-box" Solution, maybe a Checkbox "Dismount Datastore after Restore" or a Regkey etc.

3) Linux FLR
This is very challenging for us due to Security Restrictions... So currently the Helper Appliance starts and mounts the Backup, but after that the Data does not get send to the guest directly via the helper, but it gets sent to the VBR and then on to the guest. Since our VBR is firewalled from the Guest VMs, we would need to open a FW port to each and every Linux VM, which is not accepted from the Security standpoint. Also we would be transferring a lot of Data over the FW. Is there a way to transfer the Data directly from Helper to Guest? (those two can communicate fine. The VIX Channel is also not an Option because the Kernel Ports are firewalled too.

Thanks in advance!!
PetrM
Veeam Software
Posts: 3626
Liked: 608 times
Joined: Aug 28, 2013 8:23 am
Full Name: Petr Makarov
Location: Prague, Czech Republic
Contact:

Re: Some feature requests from an Enterprise Customer

Post by PetrM »

Hello Jochen,

Thanks for sharing these ideas with us! We need to continue tracking the number of similar requests prior to decide about the feasibility to add these features to our road map.

1) The only work around which comes to my mind is to use "Keep" option which will restore a VM next to the original one. You will be able to perform vMotion of this VM afterwards.

2) Could you please clarify what kind of monitoring tools does customer use and how did he configure monitoring rules? Just curious to know how the requested checkbox can help to resolve the issue.

3) What about to enable FTP server on appliance so that users can access the appliance over FTP?

Thanks!
syscons
Veeam Vanguard
Posts: 13
Liked: 1 time
Joined: Oct 24, 2017 6:40 pm
Full Name: Jochen Seeger
Contact:

Re: Some feature requests from an Enterprise Customer

Post by syscons »

Hi,

thanks for your reply.

1) Well..yes, but most of the times they need to place them specifically into the Environment.
2) They use a variety of Monitoring Tools, CheckMK seems to be the biggest. They get an Alert when a NFS Datastore is only mounted on one or few ESX Hosts, also they told us that they had Problems with similar Scenarios in the past where an ESxi Host froze...Basically everything is strictly regulated how the Environment has to look, and an Exception like this is always "more than tricky"
3) If i suggested that an FTP Protocol gets activated in this Enviroment the Security Department will come with burning Sticks and hunt me down :-) I mentioned this once before and it was not taken well. (if it would be SFTP, i might have a chance)
tsightler
VP, Product Management
Posts: 6035
Liked: 2860 times
Joined: Jun 05, 2009 12:57 pm
Full Name: Tom Sightler
Contact:

Re: Some feature requests from an Enterprise Customer

Post by tsightler » 1 person likes this post

Regarding #3, I should point out that there is no requirement to enable FTP at all if you would like to use, for example SCP or rsync over SSH as the appliance already supports this natively without any checkbox, you'd just need to define the password for the appliance in the credentials settings. I'm not sure if that's acceptable either, but it's an option that is much more secure than FTP and only requires port 22 to the helper appliance to be open. You can use any command line tool or a UI based tool like WinSCP to copy the files to anywhere.

However, your described dataflow for Linux FLR does not appear to be correct. While it's true that the VBR server must be able to communicate with both the helper appliance and the target restore via SSH, the data flow is actually from helper appliance to target using the Veeam datamover. The VBR simply must be able to communicate via SSH to start the datamover on both the helper and the target.

I'm not sure I understand the issue with VIX. Obviously VBR can communicate with VMware so you can put helper in same network as VBR, which is safe and firewalled from everything else.
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 68 guests