Backup Management
Introduction
Backing up your data is an essential component of any IT infrastructure. In the new Cloud Services Portal, we offer you various options to reliably back up your important data in virtual machines (VMs) and volumes and restore it if needed.
With the new backup function in the Cloud Services Portal, we provide you with a modern and user-friendly solution that has been specially developed to:
- Ensure highest data security through block-based backups.
- Simplify and accelerate the restoration process.
- Enable automated and scheduled backups.
- Provide protection against ransomware through strict backup policies.
- Allow flexibility in storage through local and external backup options.
This documentation guides you through all important aspects of the backup function and shows you how you can optimally protect your data.
An Overview of Backup Options
To make your selection easier, we have compiled a comprehensive overview of all available backup solutions in our Cloud Services Portal here. Each solution has its specific strengths and is suitable for different use cases.
Comparison of Backup Functions
| Function | Portal Backup | Restic |
|---|---|---|
| Basic Properties | ||
| Type | block-based | file-based |
| Atomic (Live Backup) | Yes | No |
| Incremental | Yes (CoW) | Yes |
| Storage Optimization | ||
| Compression | No | Yes |
| Deduplication | No | Yes |
| Encryption | Yes | Yes |
| Storage Location | ||
| Local Storage (AZ) | Yes (CoW) | Yes |
| External Storage | Yes (rbd-mirror+CoW) | Yes (object-storage) |
| Security Features | ||
| Deletion protection | Yes | No |
| Strict Backup Policies | Yes | No |
| Supported Resources | ||
| Attached Volumes | Yes | Yes |
| Volume-based VM | Yes | Yes |
| Image-based VM | Yes | Yes |
| Image VM (Local Storage) | No | Yes |
| Restoration Options | ||
| Restore as new | Yes | Yes |
| Volume | ||
| Restore as new VM | Yes | Yes |
| In-Place Restoration | Yes | Yes |
| Volume | ||
| In-Place Restoration VM | Yes | Yes |
| Restore in another AZ | Yes | Yes |
| Advanced Functions | ||
| Consistency Groups | In next version | No |
| Continuous Data Protection | In next version | No |
Note
* CoW = Copy-on-Write Technology * AZ = Availability Zone * TTL = Time To Live
Recommendations for Selection
- Portal Backup: Best choice for mission-critical workloads with high security requirements
- Restic: Recommended for special use cases requiring file-level backups
Tip
The Portal Backup offers the most comprehensive features and is particularly recommended for production environments that have high requirements for data security and recoverability.
Managing Backup Policies
The Backup Policies are the core of our backup solution. They define:
- When a backup is created.
- How often backups are created.
- How long backups are retained.
- How errors are handled.
A well-thought-out backup policy helps protect your data effectively.
Components of a Backup Policy
| Property | Description |
|---|---|
| Name | Unique identifier for the backup policy (e.g., "daily-production-backup") |
| Backup Backend Rule | Defines the target storage for backups. Currently, the robust 'rbd' (RADOS Block Device Backend) is supported |
| Backup Strategy | Determines the immutability of the policy: * flexible: Can be modified or removed * strict: Provides protection against unintended changes or manipulation |
| Backup Window | Maximum random delay (in hours) before backup creation. Prevents load peaks due to simultaneous backup starts |
| Description | Detailed, understandable description of the backup purpose and configuration |
| Incremental Policy | Number of incremental backups between full backups. Optimizes storage usage and backup speed |
| Notification Email | Email address for status messages after backup execution |
| Retention in Primary Storage | Number of backup generations to be kept locally. Enables quick restoration |
| Retention in Secondary Storage | Number of backup generations to be stored externally. Ensures additional data security |
| Retries | Maximum number of retry attempts for failed backups. Increases the reliability of the backup process |
| Schedule | Defines the backup frequency: * Daily: For critical production data * Weekly: For data that changes infrequently * Monthly: For archival purposes |
: Properties of Backup Policies
Note
The combination of these properties allows for a precise alignment of your backup strategy. Please consider the following aspects when configuring your policies:
- Data security
- Resource utilization
- Restoration times
Tip
For critical production systems, we recommend:
- strict backup policies for protection against accidental changes
- Short backup intervals (daily)
- Sufficient retention time in both storage tiers
- Enabled email notifications for timely response to issues
Available Backup Policies
| Name | Backend Rule | Strategy | Window | Description |
|---|---|---|---|---|
| relaxed-daily-7 | rbd | flexible | 4 | 7 flexible daily backups |
| relaxed-daily-21 | rbd | flexible | 4 | 21 flexible daily backups |
| relaxed-daily-35 | rbd | flexible | 4 | 35 flexible daily backups |
Note
Further backup policies such as weekly, monthly, and strict will follow shortly.
Assigning a Backup Policy to a Resource
You can assign backup policies at the following levels:
- Project Level The policy set here is dynamically applied to all underlying VMs.
- VM Level The policy set here is applied to all underlying volumes.
- Volume Level The policy set here is applied only to the defined volume.
The levels are managed hierarchically, so definitions at the volume level overwrite those at the project level.
Warning
Once the strict property is set for a backup policy, this policy can no longer be changed.
Best Practices
- For dynamic projects with frequent VM creation: Use project-level backup policies
- For static projects: Use VM- or volume-level backup policies
Ransomware Protection
Important
- strict backup policies prevent ransomware attacks from removing the backup policies
- TTLs can be extended but never shortened
- TTLs prevent premature backup deletion
Managing Your Backups
Navigate to the Backup panel in the left sidebar of the portal:
Backup Dashboard Overview
Projects
Shows you a list of your available projects. On the right side, you can:
- Set Backup Policy: To assign a backup policy at the project level
Functions:
- Projects can be expanded to show associated VMs
- VMs can be expanded to show attached volumes (Cinder volumes and Nova Disk for image-based VMs)
- Volumes can be expanded to view their backups
- Available backup actions are described in the Backups section
Virtual Machines
Shows you a list of your available VMs. On the right side, you can:
- Set Backup Policy: To assign a backup policy at the VM level
Functions:
- VMs can be expanded to show attached volumes (Cinder volumes and Nova Disk for image-based VMs)
- Volumes can be expanded to view their backups
- Available backup actions are described in the Backups section
Volumes
Shows you a list of your available volumes. On the right side, you can:
- Set Backup Policy: To assign a backup policy at the Volume level
Functions:
- Volumes can be expanded to view their backups
- Available backup actions are described in the 'Backups' section
Backups
Here you will find an overview of all your backups:
Available Backups
Shows all completed, unexpired backups. Available actions:
- Details: View all information about the backup
- Extend Backup Lifespan: Extend the TTL of the backup, e.g., for longer-term retention of End-of-Year backups; unlimited retention is possible
- In-Place Restoration: Restore to a (detached) Volume or a (shut down) VM
- Restore as new Volume: Restore to a new Volume (Name, AZ, and Volume Type required)
- Restore as new Image: Restore as a new Glance image (Image Name required)
Running Restorations
Shows backups with ongoing restoration.
Scheduled Backups
Shows upcoming scheduled backups. Available actions:
- Details: View all information about the scheduled backup
- Run Immediately: Manually create a backup immediately
Failed Backups
Shows backups with restoration errors.
Expired Backups
Shows expired (deleted from storage) backups. Available actions:
- Details: View all information about the expired backup
Note
* AZ = Availability Zone * TTL = Time To Live * EoY = End of Year
Step-by-Step: Applying a Backup Policy and Performing a Restoration
In this step-by-step guide, we show you how to:
- Apply a backup policy to an image-based VM (e-flavor)
- Manually execute the backup policy to create a backup immediately
- Perform an in-place restore to revert all changes since the backup
Important
- The VM can remain in Active state during backup creation.
- For restoration, the VM must be in Shut Down state.
1. Apply Backup Policy to an Image-based VM
First Steps
In the portal, navigate to the "Backups" section via the left sidebar:
b) Switch to the VM Overview:
- Click on the "Virtual Machines" tab
c) Assign Backup Policy:
- Click on "Set Backup Policy" in the Actions column on the right
- Select the policy "relaxed-daily-7"
- Enter "2" as the start time
- Click on "Set Policy"
2. Run Backup Immediately
a) View Volumes and switch to the Backup Plan:
- Click the expand button on the left to show all volumes of the VM
- Select the "Scheduled Backups" tab
- Click on "Run Immediately" in the Actions column on the right
b) Start Backup:
- Enter the Backup ID
- Click on "Execute"
3. Perform In-Place Restore
a) Restore Backup:
- Navigate to the "Backups" section
- Select the "Available Backups" tab
- Wait for the new backup to become available
- Click on "In-Place Restoration" in the Actions column on the right
b) Confirm Restoration:
- Enter the Backup ID
- Click on "Restore"
Note
Before restoration, ensure that the VM is in the shut down state. Back up important data before restoration. The Backup ID can be found in the overview of available backups.