Windows Server 2016 has been generally available since late 2016. Here at Veeam, we’ve built in integration with several of the key Windows Server 2016 features in our latest release of Veeam Availability Suite 9.5. In this featured blog post, I will discuss a new feature within Hyper-V called production checkpoints, and tell you how it will impact your Veeam Backup & Replication jobs.
To understand the impact of production checkpoints, it’s important to first review a standard checkpoint. As explained in the previous blog post, 12 things you should know about Hyper-V snapshots, checkpoints are not backups, they’re more like a “save game” option for those times when you need to test or update something in your VM and require a quick roll-back option. Just like with video games, you can return to a previously saved point-in-time and retry the same steps. In a virtualized environment, this will roll back the VM to the previous point-in-time for your VM. You can get back to each of the points-in-time relatively quickly, and if you’re happy with the outcome of your tests, merge these successful changes into the base VM by removing all checkpoints. This was the initial purpose of checkpoints — testing environment — NOT production environment.
The official Microsoft stance has been: “never use checkpoints in production!” Although the Hyper-V host was communicating with the affected VMs via their Integration Services during standard checkpoint creation, the overall process did not provide any application consistency within those VMs. With this process, Hyper-V would initiate a snapshot without quescing the OS or the applications within the VM. Essentially, when the VM comes back up it is literally at the exact point-in-time as it was before. You can see how this would be an approach for highly transactional applications like SQL Server, Active Directory or Exchange Server, while any transactions in memory would be completely lost, which is very bad! In addition, the overall performance would suffer whenever the snapshot occurs, whether it is mid-request or during query execution. There were also performance implications that the standard checkpoint would create on the VM storage (CSV or SMB3) due to the process when the legacy .XML file was updated.
Meet production checkpoints
New production checkpoints have now been introduced within Hyper-V 2016 to fix the challenges that standard checkpoints created. Microsoft has increased stability and efficiency with the new binary configuration files: .vmcx for VM configuration data and .vmrs for runtime state data. The main feature and benefit here is that production checkpoints now work within the OS to ensure data consistency of applications and the OS before taking a snapshot. For Windows, this is known as the Volume Shadow Copy Service (VSS), which has been around for years and is a true workhorse within the realm of backups. For Linux, the process completes a flush of the file system buffers to create a consistent application and OS snapshot. This main point here is the difference between legacy standard checkpoint and new production checkpoints. In addition, the behavior of committing the checkpoint has been updated, and it now resembles the start of the machine after a consistent backup. Of course, even with all these new additions, it is still not in your best interest to leave VMs running on checkpoints for a long period, or to create multiple checkpoints on an individual machine because checkpoints are not considered to be system backups.
Production checkpoints have affected how Veeam Backup & Replication 9.5 creates application-consistent backups of VMs deployed and running on Windows Server 2016 Hyper-V hosts.
Veeam and Hyper-V 2016
Once you have your infrastructure updated to the latest version of Hyper-V, Veeam Backup & Replication 9.5 will leverage production checkpoints to create and transact application-consistent and OS-consistent backups. When a request for a production checkpoint is initiated, the hypervisor initiates the guest VSS to bring the VM to a consistent state — this is when the actual checkpoint takes place. See Figure 1.
Figure 1: An online backup process with an off-host backup proxy used.
Offline (saved state) backups are no longer applicable to VMs running on 2016 hosts, since they relate to their downtime. This is not what we’re after in production environments. Instead, a crash-consistent backup is taken with standard checkpoints, which doesn’t provide data integrity inside of a guest machine. Notice the absence of hypervisor communication with the VM step on Figure 2 below.
Figure 2: A crash-consistent backup process with an off-host backup proxy enabled.
Once you’ve upgraded an environment to Veeam Backup & Replication 9.5, Hyper-V 2016 and VM Hardware version 8.0 with the latest integration services, you’ll be able to fully benefit from the points discussed here.
You can get more detailed information on the Veeam Backup & Replication process at the Veeam Help Center.
Share your comments with the rest of the Hyper-V community in the comments below!