Introduction to System Center Data Protection Manager

Posted on By Mark Wilson

Late last year, I was at a Microsoft Virtualisation User Group meeting where Anthony Tyler, a Storage Technology Architect at Microsoft spoke about System Center Data Protection Manager (SCDPM).

Anthony explained how customers experience what he referred to as “backup pain”: everyone needs better nightly backups but tape storage is inefficient; there is poor support for integrating backups with application-specific requirements; disk-based backups consume huge amounts of space; backing up across the WAN (e.g. for centralised backups) is not feasible; and how remote and branch office data protection is expensive and cumbersome.

Microsoft’s answer is SCDPM, now in it’s second release, which addresses these issues as follows:

  • One common approach is to take a full backup at the weekend and then use nightly incrementals but this still involves backing up whole files – SCDPM just backs up the changes in the file (a much smaller volume of data).
  • At remote sites, branch staff may change tapes but the backups are not verified – because SCDPM uses less space for backups, remote backups become feasible.
  • Whilst SCPDM 2006 was pretty much only any use for Windows file servers, 2007 includes application support for Windows Server (2003 and 2008 – including clusters), Exchange Server (2003 and 2007), SQL Server (2000, 2005 and 2008); SharePoint (2003 and 2007, WSS and MOSS), Virtual Server 2005 R2 SP1 and Hyper-V (with SCDPM 2007 SP1), Windows XP and Windows Vista desktop clients.
  • Meanwhile, vendor “ping-pong” is reduced – in the event of problems there is “only one throat to choke”.

SCDPM is intended to be installed on a single-purpose server, running Windows Server 2003 SP1 or later and it relies on SQL Server 2005 and reporting services. Active Directory is also required (for maintenance of access control lists). In essence, SCDPM is just a big VSS engine and, whilst it may be useful to read the TechNet article about how the volume shadow copy service works, the basic principle is a system of requestors that may which to take a snapshot (e.g. SCDPM), writers (which ship with an application and know how best to take a consistent backup – with the onus on the vendor to provide this) and providers (which physically take a snapshot, using hardware or software, although SCDPM is a software solution). The requestors, writers and providers all communicate via the VSS service.

Using a file system filter driver, the SCDPM agent sits in the kernel and watches the file system, tracking block-level changes made to the disk (in a volume map) and writing changes back to the server according to a schedule in order to build snapshots (up to 512 of them). Whilst SCDPM can back up to tape, Microsoft’s view is that the real value for customers is at the application level, with Exchange or SQL admins backing up their application to disk and handing off the offline tape backups to the storage team.

Having set the scene, Anthony’s demonstration took us through the product, and the following were some of the key points I picked up:

  • Administratively, SCDPM is arranged around five context-sensitive menus with actions:
    1. Monitoring – (of alerts and scheduled jobs) with a MOM/SCOM management pack available for centralised reporting.
    2. Protection – setting up groups to enforce data protection policies.
    3. Recovery – browsing and searching for the appropriate recovery point.
    4. Reporting – using SQL reporting services for defined and custom queries.
    5. Management – of agents, disks and libraries (e.g. tape).
  • The SCDPM Management Shell (built on Windows PowerShell) may be used to script operations (everything in the GUI and more).
  • SCDPM should be allocated raw disks (i.e. unformatted – or else it sees the disk as full!). LUNs can be extended as Windows only cares about what storage is being provided) but disks need to be visible in Disk Management so NAS (which uses an SMB redirector) and removable volumes cannot be used with SCDPM (effectively, direct-attached, iSCSI and fibre channel-attached disks are the available options).
  • SQL Server is only used to store the SCDPM configuration – the backup data itself is not stored in SQL.

SCDPM works on the principle of protection groups – groups of objects to be backed up, and the wizard that is used to create a protection group asks how long backups should be retained for and the interval at which backups should be taken, from which it calculates the necessary disk and tape requirements. Optionally data can be compressed, or encrypted (256-bit AES, certificate-based) and, once the initial replica has been taken, backups consist of just the block-level changes to the data. The initial replication can be scheduled (e.g. to run out of hours) or there is the option to replicate on removable media (whereby the replica is restored to the SCDPM server, a consistency check is run, and the block level differences are pulled across the network) although it’s still advisable to transfer the removable media as soon as possible to to avoid another large transfer following the consistency check.

SCDPM maintains an in-memory representation of the file system (a volume map) to monitor disk block usage in a way that allows SCDPM to monitor 127GB of disk space using just 1MB of RAM. Each time SCDPM needs to take a backup, VSS takes a snapshot (literally a picture), then the application moves on whilst the snapshot is streamed to the SCDPM server as a background task. If the server goes offline and the bitmap is lost, then a consistency check will allow SCDPM to work out the differences.

Recovery is as simple as selecting the data to be recovered, the date and time of the recovery point, and where to put it. SCDPM also supports bare-metal recovery so that an image of a server so can be restored to identical hardware; or it can use PXE to rebuild a server from a backup image, install the application, and then restore the data.

A hierarchy of SCDPM servers can be created so that a SCDPM server can be backed up to another DPM server (e.g. in a separate datacentre) or to a centralised tape backup library. Because the data is stored natively, restoration is possible from the secondary server (even if the primary SCDPM server is unavailable).

One of the benefits of DPM is its application-awareness – for example it knows that a database also needs transaction logs, etc. but it hides that complexity from the administrators. Even complex environments such as SharePoint (with many databases, front end servers, and indices) can be kept consistent with SCDPM backups, even supporting single item recovery. Similarly for Exchange Server, SCDPM can invoke eseutil.exe to make the database consistent and handle log file truncation. On a Virtual Server or Hyper-V host (where the host and guest are both running Windows Server 2003 SP1 or later), SCDPM can snapshot a VHD and take a backup in seconds. Even where online backups are not supported, SCDPM allows the virtual machine to be paused, snapshotted and restarted in a few minutes, because only the changes are backed up. As long as the previous versions client is installed, users can even restore their own data from within Windows explorer by right clicking a folder as the VSS copies on the SCDPM server and the local disk are combined into a single view. Whilst it’s fair to note that the level of recovery support is application dependant and SCDPM 2007 only recognises key Microsoft applications, if third party software companies can provide a VSS writer and an XML descriptor then SCDPM should be able to back them up.

Traditionally, Microsoft products only start to gain some traction at their third release. SCDPM isn’t quite there yet (2007 is the second release) but it really is a great solution for backup and restoration of critical infrastructure, allowing application stakeholders (e.g. the SQL DBA, Exchange Administrator, SharePoint administrator or virtualisation administrator) to drive their own backup and restoration process. The third release is in development and SCDPM v3 will include improved support for client and cloud-based scenarios, as well as new data sources and a number of other improvements – indeed, in a webcast yesterday, Jason Buffington (Senior Technical Product Manager for Windows Storage Solutions and Data Protection) described SCDPM v3 as:

“[delivering] unified data protection for Windows servers and clients as a best-of-breed backup and recovery solution from Microsoft for Windows environments […providing] the best protection and most supportable restore scenarios from disk, tape and cloud in a scalable, reliable, managable and cost-effective way.”

Details of SCDPM are available on the Microsoft website and the SCDPM product team has a blog with further information.

Great tool for resizing virtual hard disks

Posted on By Mark Wilson

Over the weekend, I wanted to build a guest VM quickly to show the effects of having the Integration Components installed (cf. one without) so I downloaded a Windows Vista Evaluation virtual machines from the Microsoft VHD Test Drive programme.

Unfortunately the supplied VHD only had 3GB of free disk space, so I couldn’t apply SP1 in order to install the Hyper-V integration components and, even though it was a dynamically expanding VHD, it had a maximum size set of 16GB.

VHD ResizerThat’s when I stumbled across a great tool for resizing virtual hard disk files – VHD Resizer (formerly VHD Expander). After telling it the source and destination file names, then leaving it to work it’s magic for a while, I attached the new (larger) VHD to my VM, expanded the volume in Disk Manager and was greeted with extra hard disk space.

This tool is definitely one to remember.

Windows Vista SP2 baulks if SP1 is not present

Posted on By Mark Wilson

For as long as I can remember, Windows service packs have been cumulative – i.e. if you install the most recent service pack, it includes the earlier ones. Unfortunately, Microsoft has broken that model with Windows Vista and Server 2008 service pack 2 and it won’t install on a Vista computer until you have installed service pack 1.

Windows Vista SP2 baulks if SP1 is not presentWhether this is a technicality from the single service pack being applicable to both client and server editions of Windows or because Microsoft has a new approach to service packs is yet to be seen.

At least Windows Server 2008 administrators will find life a little easier as service pack 1 was integrated into the RTM release of that operating system.

Quick tip for opening Microsoft Office files without installing Office

Posted on By Mark Wilson

From time to time, I find myself working on a server and thinking it would be useful to be able to open a document and, whilst WordPad usually manages to open enough of a Word document for me to get by, sometimes I need to open a spreadsheet – and this is what happened a few minutes ago when I was checking to see if a couple of hotfixes were included in Windows Server 2008 service pack 2.

Microsoft publishes this information as an Excel spreadsheet, which is all very well if I want to open it on my PC, but doesn’t help if I’m working directly on a server (which is unlikely to have any Office applications installed).

This is where my Office Live Workspace came in handy. I uploaded the file to my online Documents workspace and, within a few seconds, I was able to preview it (including searching for the relevant hotfix numbers), without having to go and find a computer with Excel installed.

Microsoft Office Live Workspace opening an Excel spreadsheet

Useful Links: April 2009

Posted on By Mark Wilson

A list of items I’ve come across recently that I found potentially useful, interesting, or just plain funny:

Windows 7 release candidate: what’s new?

Posted on By Mark Wilson

Earlier today, the Windows 7 release candidate (RC) was released and almost as soon as the download link was available to TechNet and MSDN subscribers, the site went into meltdown… something tells me that this unanticipated demand is not simply bad planning, but another opportunity to say how Windows 7 is generating unprecedented interest… or maybe I’m just a cynic!

Meanwhile, the RC is also available to beta testers on Microsoft Connect (with the Windows Virtual PC bits too – more details on them coming soon but, for now, take a look at the new Virtual PC website). I have the images sitting in the Microsoft File Transfer Download Manager, but nothing is moving right now (and I’m in Microsoft’s Offices in Reading today where there ought to be a decent connection!)

My advice would be to sit tight for a day or so and wait for the initial demand to subside as, unlike the beta, there is no limit to the total number of downloads for the RC. There are a few more things that might be useful to know:

  • There is one release candidate release, with all the capabilities of the Windows 7 Ultimate SKU, available in both 32- and 64-bit editions.
  • New product IDs are required in order to run the Windows 7 RC.
  • The Windows 7 RC will expire on 1 March 2010 after which the system will reboot every two hours. The license will expire on 1 June 2010.
  • By default, beta (build 7000) systems cannot be upgraded to the release candidate. There is a workaround but it’s not recommended. Microsoft’s advice is to either upgrade from a Windows Vista image, or to perform a custom (clean) installation. Users who wish to upgrade from Windows XP to Windows 7 on the same computer will need to perform a custom (clean) installation. The Windows Easy Transfer Wizard can be used to identify, backup and transfer files and settings (more details can be found in the Windows Client Tech Center).
  • The Windows 7 Feedback Tool is a pre-release only tool and is not exposed in the release candidate; however bugs can be submitted by using the following command: rundll32.exe FeedbackTool.dll,ShowWizard. At this time, Microsoft is only looking for bug reports on the following subjects: issues that prevent installation or upgrade; issues that involve corruption or data loss; security issues; regressions from beta (things worked in beta but do not work now); any application or device issues that would prevent the use of Windows 7 as a primary operating system; reproducible crashes or hangs (issues that cannot be reproduced will be captured by the CEIP telemetry).

I’ve already posted details of the new features in the Windows Server 2008 R2 RC, so what’s new in Windows 7? The press release has full details but, cutting through the marketing, this is what’s new in the RC:

  • Remote Media Streaming. Enables highly secure, remote Internet access to home-based digital media libraries from another Windows 7-based PC outside the home.
  • Windows XP Mode (beta – actually not in the RC package, but available separately). Windows XP Mode uses Windows Virtual PC to allow Windows 7 users to run many Windows XP applications but launch them from the Windows 7 desktop.
  • Windows 7 Upgrade Advisor (again, a separate download that’s “available soon”). This is intended to help enable a smooth transition by analysing PCs in preparation for a Windows 7 upgrade.

There were also enhancements made to existing features from the beta, based on customer feedback including:

  • Refined navigation. Several enhancements to the Windows taskbar, JumpLists and search to improve navigating the operating system and finding information.
  • Internet Explorer 8. InPrivate browsing in Internet Explorer 8 prevents browsing history, temporary Internet files, form data, cookies, and usernames and passwords from being retained by the browser. With Windows 7, InPrivate sessions and new tabs can be started from the JumpList.
  • Windows Touch. Controlling the computer by touching a touch-enabled screen or monitor is a core Windows 7 user experience. Improvements in the RC include several Windows Touch updates, including the ability to drag, drop and select items with touch, even inside Web sites that scroll both horizontally and vertically.

So, that’s a quick summary of what’s new in the RC… if you’re lucky then you’ll be able to get a copy in time for the weekend.

[Update 16:20: I restarted the download manager and the bits have started to flow… still no access to the TechNet subscriber downloads though.]

[Update 17:55: everything’s slowed down now… I guess TechNet must be back up and there are a lot of people competing for that bandwidth! I’m off home now and I’ll finish the download there.]

[Update 3 May 2009: the download links have been announced for 5 May – for developers, IT Professionals/Microsoft partners and technology enthusiasts/consumers – and Microsoft has said that “It will be available at least through June 30, 2009, with no limits on the number of downloads or product keys available”.]

Windows Server 2008 R2 release candidate: what’s new? (part 1)

Posted on By Mark Wilson

Windows Server 2008 R2 logoLast year, I wrote a post about some of the things to look forward to in Windows Server 2008 R2 and, a week or so later, I was able to follow it up with the news that Terminal Services gets a big improvement as it becomes Remote Desktop Services (RDS). Six months have gone by, we’ve had the beta, and now the release candidate is here… and that release candidate has some new features – mostly relating to performance and scalability:

  • Looking first at the improvements to Hyper-V (in addition to those in last week’s post on the R2 wave of virtualisation products):
    • There are networking improvements with VM Chimney/TCP Offload capabilities whereby network operations are redirected to the physical NIC (where the NIC supports this), reducing the CPU burden and improving performance. The original version of Hyper-V supported chimney operations in the parent, but virtual machines could not take advantage of the functionality. This helps Hyper-V to scale as 10Gbps Ethernet becomes more common (a Hyper-V host can already saturate a Gigabit Ethernet connection if required) but it’s worth noting that not all applications can benefit from this as it’s more suitable for large file transfers (file servers, etc.) rather than web servers.
    • Another new Hyper-V networking feature is NIC direct memory access (NIC DMA), which shortens the overall path length from a physical NIC queue to virtual machine, resulting in further performance improvements. Because each NIC queue is assigned to a specific virtual NIC there’s still no sharing of memory (so no impact on security isolation) but direct access to virtual machine memory does avoid copies in the VSP and route lookups in the virtual switch; however this feature is disabled by default (as the only real benefit is found with 10Gbps Ethernet and only a few NICs currently have the capability to process it).
    • The long-awaited live migration functionality is definitely in (it was also in pre-release versions of the Hyper-V but was pulled before release). Windows Server 2008 R2’s clustered shared volumes are instrumental to making this feature work well and, even though I don’t believe it’s entirely necessary, VMware have had the functionality for several years now and Microsoft needs to be able to say “me too”.
    • Sadly, another “me too” feature (dynamic memory) has definitely been dropped from the R2 release. I asked Microsoft’s Jeff Woolsey, Principle Group Program Manager for Hyper-V, what the problem was and he responded that memory overcommitment results in a significant performance hit if the memory is fully utilised and that even VMware (whose ESX hypervisor does have this functionality) advises against it’s use in production environments. I can see that it’s not a huge factor in server consolidation exercises, but for VDI scenarios (using the new RDS functionality), it could have made a significant difference in consolidation ratios.
  • Away from Hyper-V there are further performance and scalability improvements in the operating system, with support for up to 256 logical CPUs, improved scheduling on NUMA architectures, and support for solid state disks. As well as the power management improvements I mentioned in my original post last October, the operating system uses less memory and networking improvements result in improved file transfer speeds on the LAN, whilst new multi-threaded capabilities in robocopy.exe (using the /mt switch) can provide up to an 800% improvement in WAN file transfers. Putting these improvements into practice, Microsoft told me that one OLTP benchmark for SQL Server showed a 70% improvement by moving from 64 to 128 processors and a file server throughput test showed a 32% improvement just by upgrading the operating system from Windows Server 2008 to Windows Server 2008 R2. Indeed, Microsoft is keen to show off these improvements at TechEd next month (together with System Center products being used to manage and cap power usage) and they will also announce a new power logo as an additional qualification for the Windows Server logo programme. Some of the power improvements will be back-ported to Windows Server 2008 SP2, although that operating system still won’t quite match up to R2.

None of these are big features but they have the potential to make some significant differences in the efficiency of an organisation’s Windows Server estate – an important consideration as economic and environmental pressures affect the way in which we run our IT systems. This isn’t the whole story though as Microsoft still has a few more surprises in this release candidate. With the RC code available to TechNet and MSDN subscribers today, I’m not sure how Microsoft is planning on keeping them quiet but, for now, my lips are sealed so stay tuned for part 2…

Windows 7 and Windows Server 2008 R2 release candidate availability

Posted on By Mark Wilson

There’s been a lot of chatter on the ‘net about Windows 7 release dates and new features but a lot of it is based on one or two leaks that then get reported (and sometimes misreported) across a variety of news sites and blogs.

After various reports that we could see a Windows 7 release candidate (RC) earlier in April, and various leaked builds, today’s the day when the Windows 7 and Windows Server 2008 R2 RCs will officially be made available to MSDN and TechNet subscribers (the client release candidate was announced last week and the official announcement around the Windows Server 2008 R2 release candidate is due today).

For those who are not TechEd or MSDN subscribers, the RC will be available to the public on/around 5 May.

Whilst the Windows 7 client was already feature complete at the beta, the server version, Windows Server 2008 R2, includes some new functionality – some of which I’ll detail in a separate blog post and some of which will not be announced until TechEd on 11 May 2009.

If you want to know more about the Windows 7 release candidate, then Ed Bott has a Windows 7 release candidate FAQ which is a good place to start. One thing you won’t find in there though is a release date for Windows 7, as Bott quotes one Microsoft executive:

“Those who know, won’t say. Those who say, don’t know.”

As for the future of Windows Mary Jo Foley reported last week that work is underway on “Windows 8” and is suggesting it could be with us as early as 2011/2. If Microsoft continues the 2-year major/minor cycles for the server version and co-develops the Windows client and server releases again, that would fit but, for now, let’s concentrate on Windows 7!

Finally, Microsoft has a new website launching tomorrow (but which has been available for a few days now) aimed at IT professionals in the Windows space. If you find the Engineering Windows 7 blog a little wordy (sometimes I wish they would stick to the Twitter rule of 140 characters!), Talking About Windows is a video blog which provides insight on Windows 7 from the Microsoft engineers who helped build the product, combined with real-world commentary from IT professionals.

Windows Vista and Server 2008 SP2 goes RTM… but you can’t get it yet

Posted on By Mark Wilson

Not to be confused with Windows Server 2008 R2, Windows Vista and Server 2008 service pack 2 (SP2) was released to manufacturing yesterday, the same day the the blocker tool for Windows Vista SP1 was removed (Windows Server 2008 shipped with SP1 included).

Full details of the service pack may be found in Microsoft knowledge base article 948465 and there’s also a notable changes page on the Windows Client TechCenter. In addition, Microsoft knowledge base article 969707 gives details of some of the applications that might have problems after installing the service pack.

[Update 30 April 2009: There’s no download link yet – the official line is that public availability is expected later this quarter. TechNet and MSDN subscribers can now download SP2 and I’d expect to see a public download link at the Windows Client TechCenter soon.]

Windows 7 “XP Mode”

Posted on By Mark Wilson

Last week was a frustrating one… you see, earlier this month Paul Thurrott gave a hint about an exciting Windows 7 secret. I put 2 and 2 together and it seems that I came up with 4. The trouble was that I was given the details from an official source at around the same time – and that information was under NDA so I couldn’t write about it here!

It’s times like this that I’m glad I’m not running a news site and waiting for a “scoop”, but all three of the leading tech journalists covering Windows (i.e. Paul Thurrott, Ed Bott and Mary Jo Foley) have written articles in the last few days about Windows 7 XP Mode and Windows Virtual PC, and I want to pull things together here.

Basically, Paul Thurrott and Rafael Rivera are reporting that there will be a new version of Virtual PC, available as a download for Windows 7, including a licensed copy of Windows XP SP3 to run those applications that don’t behave well on the Vista/Windows 7 codebase. More details will follow (it won’t actually be “in the box” with Windows 7) but Ed Bott has commented that it looks an awful lot like MED-V.

Of course, the technology is already there – as well as drawing comparisons with MED-V, Ed Bott points out that you can do something similar with VirtualBox in seamless mode and the key detail with Windows XP Mode is the licensing situation. Full licensing details have yet to be announced but the only Microsoft blog post I’ve seen on the subject says:

“We will be soon releasing the beta of Windows XP Mode and Windows Virtual PC for Windows 7 Professional and Windows 7 Ultimate”

That reference to Professional and Ultimate would also indicate that it will run on Enterprise (virtually identical to Ultimate), but not Starter, Home Basic or Home Premium. As Microsoft’s main concern is allowing businesses to run legacy applications as they are weaned off XP, that seems fair enough but, then again, MED-V is only available to volume license customers today and Mary Jo Foley suggests that could be the same for XP Mode – I guess we’ll just have to wait and see.

So, will this work? I hope so. Windows Vista (after SP1) was never as bad as its perception in the marketplace indicated but if ever you needed an example that perception is reality, then Vista was it! Strangely, Windows Server 2008 (the server edition of Vista SP1) has been well received as the solid, reliable operating system that it is, without the negative press. Windows 7 is a step forward in many ways and, as XP is now into its extended support phase, many organisations will be looking for something to move to but the application compatibility issues caused by Windows Vista and Windows 7’s improved security model will still cause a few headaches – that’s what this functionality is intended to overcome, although there will still be some testing required as to how well those old XP apps perform in a virtualised environment.

More technical details will follow soon, but either Paul Thurrott and Rafael Rivera are operating on a different NDA to me (which they may well be) or they feel pretty confident that Microsoft will still give them access to information as they continue to spill the beans on this particular feature…