Save to My DOJO
When is Application-Consistent Backup Vital? Not all situations require an application-consistent backup. Things such as file and print servers will be fine with crash-consistent and possibly inconsistent backups. If your application doesn’t provide a VSS writer, there might not even be a way to get an application-consistent backup of it while its containing machine is live. The most common need for application-consistent backups is the usage of database-backed applications.
NOTE: This is the second blog post in a 2-series post. You can read the first post in this series here.
When is Application-Consistent Backup Vital?
Not all situations require an application-consistent backup. Things such as file and print servers will be fine with crash-consistent and possibly inconsistent backups. If your application doesn’t provide a VSS writer, there might not even be a way to get an application-consistent backup of it while its containing machine is live. The most common need for application-consistent backups is the usage of database-backed applications. In particular, Microsoft Exchange and SQL Server are fairly dependent upon application-consistent backups. In their default configurations (non-circular logging and full recovery modes, respectively), they do not normally write directly to their database files but instead rely upon log files. When their VSS writer is triggered, they flush all pending operations from memory and commit the contents of their log files into the main database files. This behavior ensures that a crash during normal operations will pose a risk to the active log file, not the primary database. If application-consistent backups are not taken on a regular basis and these applications are left in their default configurations, the log files will eventually consume all available space. Even if transaction quantity is low enough and disk space ample enough to prevent consumption from being a major concern, restoring either system from a crash-consistent state is much more painful and risky than restoring from an application-consistent state. Also, if these applications are left in their default configuration and backed up using a non-application-consistent method, even if it is a full image-level backup, they will not commit their logs.
Backup Operations in Hyper-V
Looking at the simplistic file-based layout of a virtual machine, it is tempting to assume you can use any available file-based backup or even copying software. Unless you are shutting down or saving the virtual machines, avoid falling into this trap. If you are saving the VMs, ensure you are including the VSV and BIN files in your copies. Even if you follow all these steps, Hyper-V takes a particular ownership of its virtual machines and won’t like it if you try to simply copy in the files of a virtual machine that were running on a different host. If you intend to back up the virtual machines without saving them, ensure that whatever method you utilize triggers VSS. There are a handful of Internet posts suggesting that you can simply run copying tools like Robocopy against your VHD files and everything will be fine. Without calling on VSS to pause I/O first, this technique can easily result in a VHD that is unusable. If you intend to use nothing but freely available tools and scripts, research things like Diskshadow and implement your scripts properly.
Hyper-V has its own VSS writer. This deceptively simple sentence means that by deploying on Hyper-V, you automatically have the ability to get application-consistent backups of virtual machines from the host level. There are some conditions to be met in order to ensure this works as expected, but the basic operation is that when Hyper-V’s VSS is triggered, it notifies VSS within the virtual machine, which in turn notifies all of its registered VSS writers that a backup is taking place.
No VSS Writer Available?
In some cases, you need an application-consistent backup but there is no VSS writer available. One example of this is MySQL. Hyper-V backups of virtual machines containing MySQL will always result in either a crash-consistent or an image-level backup. For MySQL, the latter is probably acceptable as MySQL doesn’t perpetually expand the log file. However, if you’re using MySQL within a VSS-aware VM, then a Hyper-V-based backup tool is going to take a crash-consistent backup. MySQL (like any other database system) isn’t always recoverable from a crash-consistent backup; even when recovery is possible, it may be painful. MySQL is just one example; any number of line-of-business applications could tell a similar tale. In the case of MySQL, one solution is to find a guest-level backup application that is MySQL-aware and can back it up properly. For applications for which no backup application has a plug-in, you may need to have pre- and post-backup scripts that stop services or close applications. If brief downtime is acceptable, you can disable the Backup item in Hyper-V Integration Services, thereby forcing Hyper-V to save the state of the VM during backup. This technique results in an image-level backup and can be used on any application that doesn’t have a VSS writer.
General Requirements for Application-Consistent Backups in Hyper-V
Note that some backup software contains its own methods to ensure application consistency and may be able to circumvent some or all of these rules. Please consult with your application vendor for further details.
- The VM must have a current version of Hyper-V Integration Services installed and the Backup component must be enabled.
- The VM must have a compliant implementation of VSS (Vista Enterprise or later for desktop operations and Windows Server 2003 SP2 or later for servers)
- All of a VM’s VHDs must reside on the same volume (whether it is local or CSV)
- All of the VHDs must be formatted with NTFS. This is a limitation even in a physical environment as VSS does not interact with FAT volumes.
- None of the VHDs can contain Dynamic volumes; they must all be Simple (not to be confused with Dynamic vs. Fixed VHD, either of which can be used)
- The volume holding the VHDs must have enough free space for the VSS snapshot; volumes contained by the VHDs must also have enough space to hold their VSS snapshots. The exact need will vary based on several conditions but the safe line is at 20%.
Special Considerations for Cluster Shared Volumes
With VSS operating at the volume level, it might seem that a Cluster Shared Volume is automatically covered, but this isn’t precisely true. VSS does operate on volumes, but it is constrained to the host it is running on. A CSV is simultaneously connected to multiple hosts. In normal mode, only the metadata for a CSV is handled by a single host; all other virtual machine data can be directly accessed by the host that owns it. Therefore, when VSS quiesces a CSV and takes a snapshot, no other host in the cluster is aware of it. In this instance, the volume-level nature of VSS can be a threat. Even if you’re specifically calling VSS on a host to back up only a VM owned by that host, VSS is snapping the entire CSV. No other host is aware of the VSS operation and will carry on with its I/O operations, so the entire status of the VSS snapshot is questionable. Furthermore, and much more dangerous, there is nothing preventing another host from initiating a VSS snapshot while the first is still being used. Partly to address this situation, Microsoft implemented “Redirected Access” mode. In this state, all I/O for a given CSV is handled by the coordinator node. If any other host in the cluster wishes to access that CSV, its I/O is encapsulated in SMB blocks and funneled through the coordinator node. This ensures that the VSS snapshot is not disturbed and that it is not trampled on by another VSS operation.
If you are using CSVs, your backup solution absolutely must be able to turn on redirected access mode. There is no guaranteed safe way to copy virtual machine data off of a CSV without turning on redirect access unless the VSS snapshot is not used and the VM is saved or turned off.
NOTE: This is the second blog post in a 2-series post. You can read the first post in this series here.
Have any questions?
Leave a comment below!
Backing up Hyper-V
If you’d like to make backing up your Hyper-V VMs easy, fast and reliable, check out Altaro Hyper-V Backup v4. It’s free for up to 2 VMs and supports Hyper-V Server 2012 R2! Need more? Download a 30-day trial of our Unlimited Edition here: http://www.altaro.com/hyper-v-backup/.
(Don’t worry, we hate spam too!)
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!
More in this category
About the Author
Eric Siron
10 thoughts on "VSS Crash-Consistent vs. Application-Consistent VSS Backups (post 2 of 2)"
[…] has posted the second part of their series on VSS Crash-Consistent vs. Application-Consistent VSS Backups. You can find […]
Hi Eric,
Thanks for an excellent article. In Application-Consistent Backup is required and important for SQL Server production databases. But these are Consistent and possible to take every 1 hour which means I will be loosing last 1 hour data. As we are limited to SQL standard edition we can not make use of AG. And as per Microsoft its not a good practice to enable SQL Server HA features on Hyper V. Is there any good practice to achieve SQL Server consistency for DR using Hyper V replica option?
Thanks,
Venky
Where did you see that Microsoft doesn’t recommend SQL HA in Hyper-V? Database mirroring and all SQL replication appear to be supported: https://support.microsoft.com/en-us/kb/956893 and https://msdn.microsoft.com/en-us/library/cc645993(v=sql.105).aspx#High_availability. I’m using SQL mirroring with a witness under Hyper-V without problems.
Hi Eric,
Let me rephrase my question. we have two SQL server VMs on Hyper-V 1. Prod and 2. Load balance and we have a replication setup from PROD to Load balance instance and both VMs are connected to the same host in primary site. Now we are planning to enable Hyper-V replica for DR purpose but the link your provided says that “Note that once you use Hyper-V Replica, you can’t use native SQL Server replication technologies such as database mirroring, log shipping, and so on as it would result in a broken state.” Here my confusion started and even the support article has the following.
Exceptions
If multiple SQL VMs are tightly coupled with one another, individual VMs can failover to the disaster recovery (DR) site but SQL high availability (HA) features inside the VM need to be removed and re-configured after VM failover. For this reason the following SQL Server features are not supported on Hyper-VM Replica:
Availability Groups
Database mirroring
Failover Cluster instances
Log shipping
Replication”
Is this applicable only on replica site which need to be reconfigured after fail over or these wont support even in primary site when we enable Hyper -V replica for entire VM DR purpose.
Thanks,
Oh, I see where you are.
After a failover, the Replica VM is the VM. The source is essentially (and maybe really) gone. So, yes, any configuration changes are made on the was-Replica-now-active VM. Then when you fail back, it goes the other way. It’s was-Replica-then-active-now-Replica-again in the DR site and the VM in the live site is the was-Replica-now-active VM.
I haven’t ever played with SQL and HVR together and I’m not a SQL wiz, but since you would have to license the Replica anyway, would it not be better to just use log shipping to an offsite location? Is there some block in place that I don’t know about or is HVR preferred here for some reason that I’m not seeing?
Hi Eirc,
Thanks for sharing this excellent article.
Question: do we really need Application-Consistent Backup in SQL Server wherein all the databases are in full recovery mode and we do have a daily full backup and a 30 minutes transaction log backup?
We do have Sungard Backup solution which keeps taking a full backup every 30 minutes (command: backup database with snapshot..copy_only) using VSS and SQL Writer service.
And we are revisiting this to see if we really need this one or not.
Appreciate your valuable comment on this.
I’m not really sure what that copy-only backup does for you. In any kind of recovery scenario, I would utilize the last full backup plus the transaction logs. I can’t imagine a good use for the copy-only except during a planned maintenance or migration operation. In such cases, I would stop the database and manually create the copy backup anyway.
Hi Eric,
Thanks for your response.
But my point is, do we really need Sungard solution to make the system Application-Consistent or we can just keep Crash-Consistent Backup solution only?
Having said that, we already have daily fullbackup and transactional log backups(30 minutes frequency) are in place in order to recover the system.
Note: to enable this feature (Sungard solution-Application-Consistent) we need to turn on SQL Writer service which keeps taking full backup(which actually uses this command: backup database with snapshot..copy_only) every 30 minutes which is an additional overhead for a production system
I do not know nearly enough about your situation to tell you what you absolutely need. I can only speak in the generic sense from what I understand and from what I normally do.
If it were me, I would not be taking that copy-only backup. From what I can see, it does not add anything to what you’ve already got going.
Thanks Eric for your suggestion, I will check with the vendor about that.