Welcome to Avamar Fundamentals. Copyright ©2016 EMC Corporation. All Rights Reserved. Published in the USA. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. The trademarks, logos, and service marks (collectively "Trademarks") appearing in this publication are the property of EMC Corporation and other parties. Nothing contained in this publication should be construed as granting any license or right to use any Trademark without the prior written permission of the party that owns the Trademark. EMC, EMC², the EMC logo, AccessAnywhere Access Logix, AdvantEdge, AlphaStor, AppSync ApplicationXtender, ArchiveXtender, Atmos, Authentica, Authentic Problems, Automated Resource Manager, AutoStart, AutoSwap, AVALONidm, Avamar, Aveksa, BusTech, Captiva, Catalog Solution, C-Clip, Celerra, Celerra Replicator, Centera, CenterStage, CentraStar, EMC CertTracker. CIO Connect, ClaimPack, ClaimsEditor, Claralert ,CLARiiON, ClientPak, CloudArray, Codebook Correlation Technology, Common Information Model, Compuset, Compute Anywhere, Configuration Intelligence, Configuresoft, Connectrix, Constellation Computing, CoprHD, EMC ControlCenter, CopyCross, CopyPoint, CX, DataBridge , Data Protection Suite. Data Protection Advisor, DBClassify, DD Boost, Dantz, DatabaseXtender, Data Domain, Direct Matrix Architecture, DiskXtender, DiskXtender 2000, DLS ECO, Document Sciences, Documentum, DR Anywhere, DSSD, ECS, elnput, E-Lab, Elastic Cloud Storage, EmailXaminer, EmailXtender , EMC Centera, EMC ControlCenter, EMC LifeLine, EMCTV, Enginuity, EPFM. eRoom, Event Explorer, FAST, FarPoint, FirstPass, FLARE, FormWare, Geosynchrony, Global File Virtualization, Graphic Visualization, Greenplum, HighRoad, HomeBase, Illuminator , InfoArchive, InfoMover, Infoscape, Infra, InputAccel, InputAccel Express, Invista, Ionix, Isilon, ISIS,Kazeon, EMC LifeLine, Mainframe Appliance for Storage, Mainframe Data Library, Max Retriever, MCx, MediaStor , Metro, MetroPoint, MirrorView, Mozy, Multi-Band Deduplication,Navisphere, Netstorage, NetWitness, NetWorker, EMC OnCourse, OnRack, OpenScale, Petrocloud, PixTools, Powerlink, PowerPath, PowerSnap, ProSphere, ProtectEverywhere, ProtectPoint, EMC Proven, EMC Proven Professional, QuickScan, RAPIDPath, EMC RecoverPoint, Rainfinity, RepliCare, RepliStor, ResourcePak, Retrospect, RSA, the RSA logo, SafeLine, SAN Advisor, SAN Copy, SAN Manager, ScaleIO Smarts, Silver Trail, EMC Snap, SnapImage, SnapSure, SnapView, SourceOne, SRDF, EMC Storage Administrator, StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix DMX, Symmetrix VMAX, TimeFinder, TwinStrata, UltraFlex, UltraPoint, UltraScale, Unisphere, Universal Data Consistency, Vblock, VCE. Velocity, Viewlets, ViPR, Virtual Matrix, Virtual Matrix Architecture, Virtual Provisioning, Virtualize Everything, Compromise Nothing, Virtuent, VMAX, VMAXe, VNX, VNXe, Voyence, VPLEX, VSAM-Assist, VSAM I/O PLUS, VSET, VSPEX, Watch4net, WebXtender, xPression, xPresso, Xtrem, XtremCache, XtremSF, XtremSW, XtremIO, YottaYotta, Zero-Friction Enterprise Storage. Revision Date: June 2016 Revision Number: MR-1WN-AVAM .7-3 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 1 This course covers an introduction to EMC Avamar. It includes an overview of Avamar terminology, features, and components, including Avamar backup and restore functions. The course reviews Avamar tools for monitoring and maintaining an Avamar system. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 2 This module focuses on introducing the Avamar solution, its key benefits, and use cases. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 3 Consider the data at a typical corporation. There are a large number of laptop machines used by the employees containing many important files. Employees will often share files among themselves, leading to multiple copies being stored across their machines. Additionally, many users keep multiple versions of files that they are currently working on. Many of these files differ only slightly from other versions, but are seen by backup applications as new data that must be protected. There is also a NAS-based file server which stores many files, some of which are also stored locally on individual employee laptops. An email server contains email messages and attachments, many of which are also stored locally on employee laptops. As you can see, there is a lot of duplicate data distributed in the environment. To meet service level demands, the corporation performs daily backups of their data to a server. But because a large amount of that data is redundant, the backups are very inefficient. Everyday during the backup period, multiple copies of the same data are sent over the network using up bandwidth. Also, multiple copies of the same data are stored on the backup server using up storage space. Since much of the data is unchanging, it gets transmitted and stored again and again every day. Repeatedly sending and storing the same data is not an efficient way to run backups. These inefficiencies lead to even more problems with the increasing amount of data that corporations want to store and protect. Also, with increasing backup requirements, the backups must complete in a shorter amount of time. The corporation wants to back up larger amounts of data, in a smaller amount of time. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 4 EMC Avamar is a comprehensive, client-server network backup and restore solution which addresses the data protection challenges in today’s IT environments. An Avamar backup is a point-in-time copy of client data that can be restored as individual files, selected directories or entire file systems. A key feature of Avamar is its unique global data deduplication technology, which ensures that data objects are only backed up once across the backup environment. Avamar differs from traditional backup and restore solutions by identifying and storing only unique, sub-file data objects. If a piece of data has already been stored on the Avamar system, it will not be stored a second time. Not only that, but redundant data is identified at the source, meaning that duplicate data is never even sent over the network if it already exists on the Avamar. This results in a dramatic reduction in the amount of data that is moved across the network and stored in backup storage. The same data is backed up as in traditional backup systems, but consumes significantly less network and backup resources as only unique data is stored. And, by using standard IP network technologies, dedicated backup networks are not required. Daily full backups are possible using existing networks and infrastructure. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 5 In addition to global data deduplication, the Avamar solution includes the following key features: Systematic fault tolerance, using RAID, RAIN, checkpoints and replication, provides data integrity and disaster recovery protection. It ensures that backup data is not lost. Highly reliable, inexpensive disk storage is used for primary backup storage. The randomaccess nature of disk makes deduplication possible and also provides speed and reliability. Scalable server architecture provides security and expandability. Additional storage nodes can be added to an Avamar multi-node server to accommodate increased backup storage requirements. Flexible deployment options include Avamar Virtual Edition and Avamar Data Store. Avamar supports a wide-variety of client operating systems and applications, including: Windows, Linux, Unix, NDMP, Microsoft SQL, Microsoft Exchange, SharePoint, and Oracle. With its global deduplication technology, Avamar is an efficient backup choice for VMware and remote office backup environments. Centralized management is also provided. Avamar Administrator and Backup and Recovery Manager interfaces enable remote management and monitoring of Avamar servers from a centralized location via internet access. Avamar can also integrate with Data Protection Advisor for further monitoring capabilities. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 6 Global deduplication makes it possible to perform full backups of clients every day. When a client performs a backup, any data that already exists on the Avamar is not transmitted, but it is referenced as a part of the backup. In this way, Avamar is able to have full backups with the performance of an incremental backup. Let’s take a look at an example of how this works on a new system. When a client performs a backup to an Avamar server for the first time, most of the data will be new to the Avamar and will need to be transmitted and stored. Typically, about 35% of initial file system data and 65% of initial database data is unique and needs to be sent. This first backup to the Avamar server is known as the initialization backup. The initialization backup will usually take longer to complete because more data needs to be sent over the network. But the next backup only needs to send the changed data. This causes a dramatic increase in performance since most data tends to stay the same. In fact, the typical database server will have only 3% of its data change over the course of one day. For a file system, only about 0.3% of the data is changed per day. This means that on a day to day basis, only these small changes in data need to be sent to the Avamar server. But Avamar does not store these small changes in isolation to the previously stored data. It organizes the backup by referencing the all the data that exists on the client. This makes the second backup become a full level backup, even though only the changed data was sent. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 7 There are three levels of deduplication commonly used in the backup industry: File Level, Fixed Block Level, and Variable Block Level. With File Level deduplication, a file will be backed up to the server as long as it has not changed. Any repeated backup of an unchanged file will not store any new data. However, if there is any change to the file, no matter how small, the entire file needs to be backed up and stored again. Unless the backup client contains mostly static files, this is not a particularly efficient level of deduplication. With Fixed Block Level deduplication, each file is first broken into equal length blocks of data. These individual blocks of data are backed up and stored. The backup server keeps track of how to reassemble the file in the event that a restore is needed. With this level of deduplication, only changed blocks of data need to be stored. If there is a change in one bit of a large file, only the block containing that bit is stored on the backup server - there is no need to restore the unchanged blocks. As a result, deduplication rates are much higher. However, Fixed Block Level deduplication does has an inefficiency in the event that data is inserted into or deleted from a file. Inserting or deleting data causes a shift in all the data after the point of insertion or deletion. This causes all the blocks after that point to be different. The data is the same, but the blocks get cut at different points. So a small insertion of data near the beginning of a file can cause the entire file to be backed up and stored again. Variable Block Level deduplication solves this inefficiency. Instead of creating blocks of fixed length, the file is scanned and blocks are cut whenever the data matches a pattern. The pattern is determined by a mathematical algorithm that will consistently find the same boundary points within the data. In the example on the screen, a simplified algorithm is used: blocks are divided after any vowel letter (A, E, I, O, or U). This way, if any data is changed, inserted, or deleted, the boundary points do not change. The algorithm will find the same boundary points. Only the block of data that has changed needs to be backed up and stored again. This level of deduplication is the most efficient and is the level that is used by Avamar. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 8 Let’s take a look at the Avamar deduplication process in more detail. During a scheduled backup, the Avamar server generates a work order. The server then either pages the client agent or the client agent checks in with the server to pick up the work order. On the client, the Avamar agent traverses each directory in the backup and checks it against its local file cache. This file cache is a listing of all the files that have been previously backed up. If the file is listed in the file cache and is unchanged, then the Avamar agent does not spend any more time processing that file and moves on to the next one. No match in the file cache means that the file is new or modified. The file is then divided into variable-sized data objects or chunks. The Avamar agent compresses the chunks and calculates hashes for each one. These hashes serve as fingerprints for each chunk of data and are used to quickly identify a data chunk. To determine whether the client has previously backed up a chunk, the agent compares the hashes against its local hash cache. The hash cache is a list of all the chunks that have been backed up by the client. If there is a match, then the chunk has already been backed up and does not need to be sent over the network. Notice that by using the local file and hash caches, the Avamar agent has been able to identify a large amount of duplicate data without using any network bandwidth or involving the Avamar server. If there is no match in the local hash cache, then the chunk has not been previously stored by this client, but may still exist on the Avamar server if another client has backed up similar data. The client sends only the small hash to the Avamar server to ask if the hash is present. If there is no match on the Avamar server, the hash and the corresponding data are transferred to the Avamar server and stored. The client cache files are updated accordingly. This process is repeated for the rest of the files included in the backup. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 9 Hashes are used not only to identify data chunks, but also to store and find them on the Avamar system. When a data chunk is stored, part of the number of its hash is used as an address to identify where the data chunk is stored. This type of hash, created directly from a data chunk, is called an atomic hash. By knowing an atomic hash, the Avamar server can locate the data chunk. However, it is not enough to simply store data chunks. The Avamar needs to be able to reassemble the data chunks into the correct files and associate them with a point-in-time backup. Avamar does this by taking the atomic hashes of related data chunks and packaging them together in another data object, called a composite. By reading the atomic hashes stored in a composite, Avamar is able to reassemble the original data. Each backup will create many composites. Since composites need to be stored, they are also hashed to create composite hashes, which are used to address the composite data objects. This process repeats again by taking all of the composite hashes relating to one backup, and storing then in a third type of data object called a composite-composite. The composite-composite is also hashed into a single root hash. The root hash serves as an identifier for the entire point-in-time backup. This type of hash based address is called an “object address.” It eliminates the need for a separate file level catalog. Once an object has been stored, it cannot be deleted until the specified retention period has expired and it is not used by any current backup. Storing data on disk, rather than on tape, streamlines the process of searching for stored objects. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 10 Because all data objects are addressed and stored based on their hash value, and hash values are by their nature evenly distributed, data is automatically evenly distributed across all available storage nodes and disks within an Avamar server. Also, addressing data based on its hash value ensures that no data object is stored twice. Two identical chunks of data would have the same address, so only one of them could be stored. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 11 Data objects, such as data chunks, composites, and composite-composites are stored on Avamar disk storage in special files called data stripes. Each data stripe is created with some pre-allocated space, and is then filled with data. A single data stripe can hold approximately 30,000 objects. There are a few different types of stripe files. Data chunks are stored in atomic stripes. Composites are stored in separate composite stripe files. Root hashes, as well as information about the origin of the files ( such as which client or domain), are stored in the accounts stripes. On a multi-node Avamar system, additional parity stripe files contains parity data that is used to reconstruct data in the event of a failed node. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 12 A restore is an operation that retrieves one or more file systems, directories or files from an existing backup and writes it to a designated location. For restore, Avamar presents a full backup as of a single point-in-time. A backup administrator or end user can select a backup and then browse the backup directory structure in order to choose individual files to restore. The Avamar server will then use the root hash to find the backup data, and the composite hashes and atomic hashes to locate the desired file data. To restore the data, the Avamar server contacts the client agent, and sends the data to the agent. The chunks are collected in the client’s memory, ordered, uncompressed and written to disk. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 13 Avamar is ideally suited for protecting clients in virtual environments by reducing the amount of backup data within and across the virtual machines. Both VMware and Hyper-V virtual machines are supported. Avamar provides the flexibility of implementing a virtual machine backup solution in two ways. With guest level backups, Avamar agents are installed in the virtual machine. This allows the agent to directly backup the files in the virtual machine. Image level backups are also available to create a backup of the entire virtual machine at once by backing up the virtual disk files. Avamar provides a high level of integration with VMware for backing up virtual environments. VMware backups can be centrally configured, scheduled and managed with the Avamar Administrator GUI. Avamar Administrator also has the ability to browse the virtual machines in the environment and display information for each machine. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 14 EMC Data Domain is a deduplicated storage system that can be integrated with Avamar. In this type of configuration, Avamar is used to manage backup clients, schedules, datasets, and other policies, while the Data Domain is used as a storage device. Backup data is sent directly from the client to the Data Domain system using Data Domain’s DD Boost technology. Backup metadata used to identify files and backup is stored on the Avamar. Backups can then be managed through the Avamar system. The backup process uses Data Domain deduplication methods rather than Avamar’s which can provide faster backup and recovery, especially for large active databases. Data Domain integration can also provide flexibility since the Data Domain storage can be shared with other Avamar servers or other applications. Maintenance activities that are performed on the Avamar server are also performed on any data stored on the Data Domain. This means that a backup that has expired or been deleted on the Avamar server will be deleted from the Data Domain. Avamar garbage collection, checkpoints, rollbacks, and HFS checks and replication trigger similar processes on the Data Domain system. More information on these maintenance activities are discussed later in this course. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 15 Backing up NAS data can be a challenge. NAS devices typically store large amounts of files. They also have native operating systems that do not always allow backup software to be installed. Network Data Management Protocol (NDMP) was developed to address these concerns. The Avamar NDMP accelerator provides support for NAS appliances by interfacing between the appliance and the Avamar server. The NDMP Accelerator is used to backup and restore EMC Isilon and VNX IP storage systems, Network Appliance filers, and Oracle ZFS. The NDMP accelerator is a dedicated Avamar client, that when used as part of an Avamar system, provides a complete backup and recovery solution for supported NAS systems. The NDMP accelerator hosts a special version of the Avamar client and acts as a “pass through” conduit from the NAS device to the Avamar server. The accelerator accepts NDMP data from the NAS appliance, performs data deduplication, then forwards the data to the Avamar server. Data streams through the NDMP accelerator; no user data is stored on the NDMP accelerator. When performing backups of remote sites to a primary data center, the recommended backup solution is to place an NDMP accelerator at each remote site. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 16 Backing up distributed environments can be a challenge. Deploying multiple backup servers at each location means managing multiple, isolated environments, each with separate policy definitions. On the other hand, backing up to a single central server means sending large amounts of backup data over a slower wide area network. Because Avamar architecture is extremely flexible and scalable, Avamar is an ideal solution for distributed enterprises. Unless recovery time objectives cannot be met, an operational best practice is to backup clients to a large, active, centralized Avamar server. As a centralized backup system, Avamar protects critical branch data without the addition of hardware or specially trained personnel at branch office sites. Corporate backup policies can be implemented, enforced, and managed throughout the organization from this central location. Avamar supports both local area network and wide area network connections. There is minimal impact to network traffic and performance because, after initialization, only changes travel over the networks. To provide disaster recovery, Avamar data can be replicated to another offsite Avamar server. For sites that require fast recovery time objectives (RTO), a local Avamar system may be employed to backup local data at the site and then automatically replicate the backup data to a large, centralized Avamar server. The primary advantage of backing up to a local Avamar backup server is that restores can be done directly from that server across the local area network to the client. All backup and replication activity is managed from the central data center using the Backup and Recovery Manager and Administrator interfaces. Employing Avamar disk-based backup eliminates the need to manage a complex tape system for backups, restores, and offsite security. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 17 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 18 This module covered Avamar solution, its key benefits, and use cases. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 19 This module focuses on Avamar architecture, terms, and system components. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 20 The three major components of an Avamar system are the Avamar server, Avamar backup clients, and the Avamar administrator. The Avamar Server stores client backups and provides essential processes and services required for client access and remote system administration. Avamar Administrator Server (mcs) and Avamar Data Server (gsan) run on the Avamar server. Avamar Client software runs on each computer or network server that is being backed up. Avamar provides client software for various computing platforms. Each client consists of a client agent and one or more plug-ins. Avamar Administrator is a user management console software application that is used to remotely administer an Avamar system from a supported Windows or Linux computer. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 21 There are several terms used when discussing Avamar. When data is stored on an Avamar, it is first broken up into pieces called objects or chunks. These chunks are variable sized units of deduplicated data, meaning that identical chunks will never be stored twice on the Avamar server. When chunks of data are stored on an Avamar, they are placed onto disk in stripes. Stripes are units of disk space that stores data chunks and are managed by an Avamar. An Avamar server will have many stripes containing all the data that is backed up to it. These stripes are stored on disk on an Avamar node. A node is a self-contained, rackmountable network-addressable computer consisting of both processing power and hard drive storage. Nodes run Avamar server software on the Linux operating system. Usually, multiple nodes will work together as one server, although a server can consist of a single node as well. A server functions as a single managed unit that stores and manages all backup data across its nodes. A server is also sometimes called an Avamar grid. An Avamar system is one or more servers that interact with one another, and the clients that send backup data to them. Systems can be geographically dispersed due to Avamar’s IP network architecture. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 22 If we take a look inside an Avamar server, we see that it contains multiple nodes and switches. All these components operate together as one server. For this reason, it is called a multi-node server. There are two main types of nodes: utility and storage. At the bottom of the rack is one utility node. This node is dedicated to providing internal Avamar server processes and services, such as the scheduling and management of backups, external authentication, and web access. The hostname and IP address of the utility node is the identity of the Avamar server for access and client-server communication. Above the utility node are multiple storage nodes. Notice that they have more disks than the utility node. This is because these nodes are dedicated to providing backup storage and keeping all the chunks of data organized. When backup data is sent to an Avamar server, it is distributed across the storage nodes and protected by parity data. Storage nodes can be added to a server to increase its capacity. An Avamar server can have anywhere between 3 and 16 active storage nodes. A spare storage node is also often included in a configuration and can be enabled in the event of a node failure. An Avamar server is often referred to according to number of active storage nodes. For example, this is a DS12, meaning it has 12 active storage nodes. If two more storage nodes are added, it would become a DS14. At the top of the rack, there are two internal switches. These switches provide communication between all of the nodes in an Avamar server. Each node is connected to both switches so that a switch failure does not result in lost communication. Another type of Avamar server is the single-node server. In this configuration, one node performs the roles of both the utility and the storage nodes. Because data is not distributed across multiple nodes, as it was in a multi-node server, the failure of a single-node server will result in the unavailability, or even loss of data. For this reason a single-node server must provide some other means of data protection. It must either have its data replicated to another Avamar server, backup its checkpoint data to an integrated Data Domain, or use RAID 6 protection as in the Avamar Business Edition single-node server. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 23 The NDMP Accelerator is an optional specialized node that, when used as part of an Avamar system, provides a complete backup and recovery solution for NAS devices via the Network Data Management Protocol (NDMP). Avamar supports EMC Isilon, VNX, and Celerra and NetApp filers with the NDMP Accelerator. The Media Access Node is an optional node that can be used as a pass-through device for sending Avamar backup data to tape for long term storage. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 24 The two Avamar server editions provide the flexibility to meet different customer requirements. Avamar can be deployed either as physical hardware or as a virtual machine. The Avamar server runs on SUSE Linux Enterprise Server (SLES). The Avamar server is capable of operating on server hardware with multiple processors. Beginning with Avamar generation 4S hardware, three sizes of storage nodes are supported: 2.0 TB, 3.9 TB, and 7.8 TB of licensable capacity. Licensable capacity includes deduplicated data plus RAIN parity protection. All storage nodes within an Avamar server must be of the same size. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 25 Avamar Data Store simplifies the purchase and deployment of Avamar by delivering a prepackaged solution consisting of Avamar server software installed onsite on pre-configured and pre-tested Avamar-certified hardware. Deployment time at customer sites is reduced since hardware stress tests and initial benchmark tests are performed before the hardware is shipped. Avamar Data Store is available in several configurations as listed in the slide, including multi-node and single-node servers. Multi-node servers can be expanded by adding new nodes. Avamar Data Store is deployed by EMC-trained personnel. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 26 The EMC Avamar Virtual Edition (AVE) allows the Avamar solution to be standardized on virtual infrastructure. AVE is supported on VMware, Hyper-V, and Azure environments. It is ideal for small, remote offices or small data centers, by lowering the total cost of ownership through sharing the server and storage infrastructure and reducing the cost of hardware support and maintenance. AVE is a single-node non-RAIN Avamar server running as a virtual machine on a virtualization host server. The licensed capacity sizes include: 0.5 TB, 1.0 TB, 2.0 TB, and 4.0 TB. Each of these capacity versions has a set of requirements for memory, I/O, and storage. The choice of AVE version to be deployed depends on the type of data in the environment to be backed up and the expected daily change rate. The host server is supplied by the customer. Installation of AVE on a virtual machine is performed by EMC-trained personnel. The AVE benchmark test must be run to ensure that server hardware and the virtual environment meet expected I/O performance benchmarks. Also, the benchmark test helps to determine the impact of AVE on other virtual machines running on the same physical server. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 27 This module covered Avamar architecture, terms, and system components. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 28 This module focuses on introducing the features and capabilities of Avamar, including backup and restore, Desktop/Laptop, and system integrity. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 29 Avamar backup clients are the machines that contain the data to be backed up to the Avamar server. They are networked computers or workstations accessing the Avamar server via a network connection. Avamar clients are usually the file servers and database servers in an IT environment or employee computers. Avamar Client software is installed and running on each client. Avamar provides client software for various computing platforms. For backing up databases, the Avamar client and a specialized database plug-in are installed and run on the same machine. Databases supported with Avamar client software include: Microsoft Exchange, Lotus Domino, Microsoft SQL, SharePoint, DB2, and Oracle. System State can also be backed with Avamar using a specialized module that is utilized by the backup client. This captures system settings, software installations, registry, networking information and shares, and more. The backup of the system state can save time if a bare metal recovery needs to be performed. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 30 Avamar provides two backup types: scheduled and on-demand. Scheduled backups are run automatically according to specifications that can be customized by the administrator using the Avamar Administrator interface. On-demand backups can be initiated from the Avamar Administrator interface and the Management Console command line interface (MCCLI). On-demand backups can also be run from a client machine using the Avamar Desktop/Laptop interface and with the avtar command from the command line. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 31 Avamar uses groups to implement various policies for automating backups and enforcing consistent rules across a collection of clients. Backups are scheduled to run automatically by configuring and enabling groups. A group consists of one or more clients that will be backed up, and a group policy that is used to configure settings for the backup. The group policy specifies a dataset, schedule, and retention for that group. Once a group is configured, the Avamar server will automatically perform backups of the clients within the group according to the schedule that was set for the group. The dataset settings for the group determine the data from each client is backed up, and the retention settings determine how long each backup from the group is retained. Avamar groups should not be confused with Avamar domains. Groups are used to create automated backups for a set of clients, while domains are used to grant Avamar administration rights to a set of clients and to organize and manage sets of clients. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 32 Clients inherit the group policy settings by means of their membership in a specific group. An Avamar user with Administrator privileges can configure persistent backup selections by creating, modifying and deleting datasets, schedules and retention policies, assigning them to a new or existing group, and then assigning clients to the group. Datasets define the persistent backup selections for the file systems, directories or files to be included in a backup. You can also narrow the scope by specifying certain content, such as file types, to exclude or include. Datasets can be created at any domain level and can be assigned to one or more groups and clients within the assigned domain. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 33 The Schedule for a group determines when and how often a backup will automatically be run. Schedules can be created at any domain level and can be assigned to one or more groups within the assigned domain. Retention Policies specify how long each backup from the group will be kept. Any backups older than the specified retention are automatically dropped from the system. Retention policies can be created at any domain level and can be assigned to one or more groups and clients within the assigned domain. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 34 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 35 On-demand backups by definition are run manually at the time that the backup request is initiated. Avamar provides multiple ways for running on-demand backups from either the client or server side. An administrator can run an on-demand backup using the mccli command line, run a group backup from Avamar Administrator’s Policy view, or select items to backup from Avamar Administrator’s Backup, Restore and Manage view, as shown on the slide. An on-demand backup can also be initiated from the client side using the avtar CLI command or using the Desktop/Laptop interface. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 36 Desktop/Laptop provides an easy to use graphical user interface to be installed on a desktop or laptop in use by an end user. This allows the end user to perform on-demand backups and restores without help desk intervention. Desktop/Laptop is included as an option in the Avamar client installer. It is available for Windows, Mac and Linux. End users can initiate an on-demand backup through the Desktop/Laptop interface. This will back up data using the dataset and retention policies set by the Avamar administrator for the client. The end user must ensure that the data to be protected resides within the a directory within the backup dataset. Desktop/Laptop can optionally be configured to allow the end user to create their own dataset and apply their own schedule. Backups and restores over VPN are supported. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 37 Avamar supports restoring one or more individual files, directories or file systems from backups stored on the Avamar server. There are two methods of initiating restores of client data: from the Avamar server or from the client. Restores can be initiated from the Avamar server using Avamar Administrator Backup and Restore or the mccli interface. Initiating the restore from the Avamar client is accomplished by the Desktop/Laptop interface or the avtar command. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 38 Using the Avamar Administrator Backup and Restore view, the items to restore for a specific client can be selected either from a list of all backups for a particular date or of all backups containing a particular path. Restores can be performed using the Avamar Administrator by a user with Administrator privileges. Restores can be directed to the original client, or redirected to a different client. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 39 If Desktop/Laptop is installed on the client machine, end-users can restore their own data. Using the Desktop/Laptop GUI, users can search or browse for the desired files and initiate a restore. Restores can only be performed to the client where the data originated; redirected restores are not supported with Desktop/Laptop. This user initiated restore is quicker and easier because no calls to IT need to be made. Also, no additional passwords are needed. Desktop/Laptop uses LDAP or Active Directory Authentication to ensure that the user is authorized to access their data. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 40 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 41 To ensure system integrity, Avamar provides systematic fault tolerance at the following levels: RAID (redundant array of independent disks) is a method of protection for disk data corruption or failure. Avamar servers are protected by either RAID-1 or RAID-6, depending on the configuration. Avamar also has hot-swap capability with minimum system impact for highest failure-rate components. RAIN (redundant array of independent nodes) provides failover and fault tolerance across nodes. Data is distributed across each node and parity data is used to provide protection. RAIN provides uninterrupted functionality during node failure, replacement and reconstruction. In the unlikely event of a node failure, new backup data will be written onto the remaining nodes; data for recoveries is reconstructed using parity. RAIN is used to replace the failed node, reconstruct the data on the replacement node, and when expanding an Avamar server, rebalance the capacity across all nodes. High Availability Uplink and Dual Switches provide high availability in the event of hardware failure. Each node has the ability to have dual connections to the customer switch. An Avamar server also has two internal switches in order to provide hardware redundancy. Checkpoints protect the server in the event of operational failures. They provide redundancy across time. Checkpoints are a read-only snapshot of the Avamar server taken to facilitate server rollbacks. They are created using hard-links to all the stripes. Regular checkpoint validation, including auto-repair capability, is used to ensure data integrity. Replication protects against data loss in the event of a server loss. Efficient, scheduled replication (local or remote) ensures availability and redundancy of data if primary server is lost. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 42 Avamar Replication is the process of logically copying backup data from one or more source Avamar servers to a destination or target Avamar server. As with the backup process, Avamar employs deduplication methodology at the source Avamar server, transferring only unique data to the target server and encrypting the data during transmission. Replication can be configured and run with the Avamar Administrator interface. Replication is most often run on a scheduled basis, but can also be run on-demand. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 43 Replication can be configured in multiple ways to meet an enterprise’s unique requirements. For example, replication can be used to provide disaster recovery protection of data from multiple single-node servers to a central multi-node server in a remote, branch office to home office scenario. It can also provide peer-to-peer disaster recovery protection from a single-node to single-node server and multi-node to multi-node servers. The two basic kinds of Avamar replication are standard, also referred to as normal, and full copy or root-to-root replication. Standard replication copies backup data from one or more source Avamar servers to a target Avamar server. Replicated data is stored within a special REPLICATE domain on the target Avamar. With standard replication, an Avamar server can be both a replication source and a target for replication. Data can be restored from replicated backups directly from the replication target Avamar server to a client activated on that server. Full copy or root-to-root replication creates a complete logical copy of an entire source server on the destination Avamar server. Only a one to one configuration is supported with full copy replication. Full copy replication is best suited for server migrations and high availability environments. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 44 Avamar uses three operational windows to perform various system activities. These windows can be customized to start and end at times to meet site requirements. The backup window is when the majority of backups are performed. Backups should be scheduled to run during this time. No maintenance activities, such as garbage collection or HFS checks, are performed by the Avamar server during the backup window. The maintenance window is reserved for maintenance activities, primarily garbage collection, checkpoint creation, and HFS check. A limited number of backups may be initiated, but both backup time and maintenance activities will be impacted. By default, the maintenance window runs during the day from 8 am to 8 pm. Restores can be performed during any of these windows. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 45 Daily Avamar server maintenance activities include checkpoints, checkpoint validation and garbage collection. These server maintenance activities are run automatically. A checkpoint is a read-only snapshot of the Avamar server taken to enable server rollbacks. Checkpoints are created using hard-links to all the stripes. A hash file system (HFS) check is an operation that validates the integrity of a checkpoint. Once a checkpoint has passed an HFS check, it can be considered reliable enough to be used for a system rollback. Checkpoints are taken twice daily and validated once daily during the maintenance window. Avamar administrators can also create and validate checkpoints at any time, as well as delete checkpoints that are not needed in order to reclaim additional server storage capacity. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 46 Garbage collection is the process of deleting unused chunks from backups that have expired. It deletes orphaned chunks and composites. This frees up capacity on the Avamar server. Garbage collection runs once daily starting at the beginning of the Maintenance window. Beginning with Avamar 7.0, backups can run during garbage collection. However, doing so should be avoided since it will negatively impact the performance of both the garbage collection and backup processes. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 47 For added data security, Avamar provides data encryption both in-flight and at-rest. In-flight encryption occurs during a backup or restore. During backup, data is encrypted by the client before it is sent over the network. This protects any data from being compromised as it is sent over a network. Encryption strength can be set to medium, or high, or disabled altogether. It is recommended to always use encryption, especially if performing a backup over a wide area network. Encryption at-rest occurs when data is written to the Avamar disk. If encryption at rest is enabled, all data is stored in an encrypted format, so that even if data on disk were compromised, it would be unreadable. Encryption at-rest provides a high level of security for backed-up data. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 48 This module covered Avamar backup and restore, Desktop/Laptop, and system integrity. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 49 This module focuses on various Avamar management and monitoring tools including, Avamar Administrator, EMC Backup and Recovery, and Data Protection Advisor. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 50 Avamar administration tools provide central administrative access to the Avamar system. • The Avamar Administrator is a graphical user interface (GUI) used to configure, monitor and manage an Avamar system from one or more Windows or Linux clients. • The Management Console Command Line Interface (MCCLI) is a Java application providing command line access to the features and functions that are available via the GUI. • REST API provides a way to develop applications and tools that interact with Avamar systems. For example, a developer may create a web interface to allow end users to initiate backups. • EMC Backup and Recovery is a separate tool that can be used to monitor Avamar, NetWorker, and Data Domain systems. It allows backup administrators to monitor and manage all Avamar servers in a distributed environment. Client Manager is a tool within EMC Backup and Recovery used to add and update backup clients to the Avamar system. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 51 When managing an Avamar, administrators log in under an Avamar domain. Domains are distinct zones within Avamar that are used to organize and manage backup clients. They are used to manage administration access to groups of clients. By nesting domains within domains to create a tree structure, you can create a hierarchy for managing organizations and the clients in those organizations. The highest level domain is the root domain, represented by the Avamar server in the hierarchy. When an Avamar client is added to the Avamar server, it is assigned to a specific domain within the domain hierarchy. The real power of domains is that they provide the ability to add specific users to specific levels on the client tree. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 52 Security within the Avamar system is implemented through the use of user accounts. Users can be created at the root, domain, and client levels in the domain hierarchy. The level at which a user account is added to the Avamar system and the role assigned to the user determine the access and privileges accorded to that user. Actions performed by users are tracked and maintained in an audit log. The slide lists the roles that can be assigned to users at the following levels in the domain hierarchy. Root users are created at the root domain. Root users can perform tasks for all domains in the hierarchy and the clients within the domains. Domain users are created at the Avamar domain level. Users at the domain level can perform tasks for that domain, the clients assigned to the domain, and any domain/client beneath the domain in the domain hierarchy. Client users are created for an individual Avamar client. The tasks that a client user can perform are limited to that specific client. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 53 You can manage backups from the Avamar Administrator Backup, Restore and Manage view. You can list the backups run for a particular client by first selecting the client in the tree and then choosing to list by date, date range or retention type. Options available from the Actions menu include changing the backup expiration date, changing the retention tag, deleting a backup, viewing completed backup statistics, and validating a backup. Validating a backup initiates a virtual restore of all files in the backup but does not actually restore any files to the client file system. Deleting a backup permanently deletes the backup from the system. Note that data referred to by other backups will not be candidates for deletion. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 54 Avamar provides several ways to monitor backup activity while backups are in progress and to report on backup status. The Avamar Administrator Activity view provides a central facility to monitor backup and restore progress and status. With the Activity Monitor, you can see a listing of all activity for the last 72 hours, up to a maximum of 5,000 rows. You can also bring up activity logs and cancel an activity in progress. Options from the Actions menu include filtering the activity results display and viewing statistics for a selected activity. Status information is also available on a Windows client with the Avamar Progress bar and Work Order Status. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 55 Client Manager is a graphical user interface accessible from within Backup and Recovery Manager which provides many functions for managing large amounts of clients. It provides the ability to move multiple clients between domains or servers, and to retire or delete multiple clients and to change backup groups of clients. It is especially useful in large environments as clients can be found easily through the use of search filters. Client Manager can also be used to update client software and analyze backup statistics. Activation of multiple clients can be achieved through this interface. Clients can be discovered through the use of a directory service such as Active Directory and then activated. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 56 Avamar activities and operational status are reported as events to the administrator server. Examples of events include client registration and activation, and backup completion and restore activity. Under the Event Management, the Event Monitor displays the most recent 5,000 system events during the past 24 hours. The listing can be filtered by event code, category, type, severity, and domain. The report can be exported to a CSV file. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 57 The Avamar Administrator Server view is a primary system status monitoring tool. With the functions within the Server view, you can suspend or resume server activity, check server capacity, review the health of nodes and disks, and manage checkpoints and hash file system checks. The Server Monitor presents a summarized view of CPU, network and hard drive performance statistics for each node. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 58 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 59 Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 60 New bytes are added to the Avamar server through the backup process. Old bytes are removed from the server through garbage collection of unused chunks from expired or deleted backups. The goal of managing the capacity of the Avamar server is to achieve a “steady-state” server capacity utilization where the rate that new data chunks are added to the server is equal to or less than the rate that expired data chunks are removed from the server. Factors affecting capacity utilization include the amount of primary storage being protected, the initial and day-over-day backup commonality, and the length of time backups are retained. Capacity management is an important task for the Avamar administrator to ensure that the Avamar system continues to have the capacity to store the required backup information. Avamar provides many tools and reports to assist the administrator with this task. For daily monitoring, the Avamar Administrator Dashboard, shown on the slide, provides capacity management information, including server capacity, forecasts, and warnings. Avamar automatically issues warnings when server utilization exceeds 80% of user capacity and, at 100%, will go into read-only mode. EMC Technical Support is available to work with the administrator on all capacity management issues. If more capacity is needed, multinode Avamar servers can be expanded with the addition of new nodes. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 61 Avamar maintains logs of client and server activities. Logs are especially useful for investigating issues and troubleshooting error conditions. The slide shows an excerpt from a client log detailing an on-demand restore operation from connecting to the server to completion step. (1) the log shows an attempt to connect to one node of the Avamar Server, and then (2) Secure Session Format is being used. (3) a Restore session was successfully started, and (4) one file was restored successfully. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 62 Many standard reports are available with the Avamar Administrator Activity Report and Manage All Reports features. Shown here is an example of one of the activity reports. You can also create reports using the read-only views of the Avamar Administrator server database. Backend Capacity Reports can be generated to show how much capacity is used by a client or a group of clients after deduplication. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 63 Avamar provides a plug-in for the VMware vSphere Web Client. This adds a very basic Avamar interface into the existing vSphere web interface. With this interface, vSphere users can initiate image backups and restores of virtual machines in their environment. Limited monitoring of backup activity is also available. The purpose of the Avamar Plug-in for vSphere is to give VMware vSphere administrators the ability to perform basic backup and recovery tasks without requiring extensive Avamar knowledge. For this reason, many configuration tasks cannot be performed through this interface and must be performed through Avamar Administrator instead. The vSphere interface is primarily for monitoring scheduled backups, initiating on-demand backups, and performing restores. In addition to the vSphere interface, the plug-in also enables end-users to perform file-level restores from image level backups. Users who are logged into a virtual machine can use a web interface to select individual files from a previous backup. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 64 VMware vCloud environments consist of very large numbers of vApps each consisting of multiple virtual machines. vApps and VMs are constantly being created and deleted in a typical vCloud environment. Additionally, vClouds can be extremely large, many times with hundreds of thousands of virtual machines. If a large vCloud is going to be backed up by Avamar, multiple servers are required. However, managing multiple Avamar servers is difficult. Administrators have to track which portions of the vCloud are backing up to which Avamar servers. Avamar servers cannot share policy definitions, so many times policies would have to be created and managed multiple times on each Avamar. The Avamar plug-in for vCloud moves Avamar management to the vCloud Director interface. Instead of managing individual Avamar servers, an administrator views the cloud resources, such as vApps and Organizations, and directs them to use backup resources. Backup policies can be configured and shared across the entire cloud, even if multiple Avamar servers are used. As a result, managing a large vCloud is much easier. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 65 Data Protection Advisor is a customizable backup reporting, alerting, monitoring, and correlation analysis software tool for EMC and third-party backup software products. Without Data Protection Advisor, administrators must rely on a mix of reporting and analysis tools to manage the backup environment and provide a complete picture of the infrastructure. Reports with Data Protection Advisor can be customized extensively to suit the demands of any business. DPA can be used in Avamar environments to provide increased monitoring abilities. DPA provides the ability to monitor the entire backup environment in addition to Avamar servers. It is able to predict future trends in order to prevent problems before they occur. DPA provides a single view of the entire infrastructure through data discovery, analysis, and reporting that leverages this data for key backup management functions. DPA incorporates backup solutions, replication technologies, virtual environments, tape/VTL storage, SAN and NAS systems, and the business applications protected by the infrastructure. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 66 This module covered various Avamar management and monitoring tools including, Avamar Administrator, EMC Backup and Recovery, and Data Protection Advisor. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 67 This course covered an introduction to EMC Avamar. It includes an overview of Avamar terminology, features, and components, including Avamar backup and restore functions. The course reviews Avamar tools for monitoring and maintaining an Avamar system. This concludes the training. Copyright 2016 EMC Corporation. All rights reserved. Avamar Fundamentals 68
