The best free version for enterprise VMware ESXi multi-machine backup and anti-hacking implementation

Many companies choose the VMware vSphere family of products when importing virtual machine solutions. Among them, VMware ESXi (or vSphere Hypervisor) can be used with a ” free version ” authorization code. For enterprises, most of them only need one or two ESXi physical servers to install multiple virtual machines for operation, and use the internal Web interface to manage them, which can also be used to stabilize operations and reduce the overall investment cost.

There is nothing wrong with using the free version of VMware ESXi, but basic virtual machine backup, restore, and replication must be done well to prevent accidents. Achieve the goal of uninterrupted operation around the clock. So how do we do these things? Following the introduction of various backup software that can support the free version of ESXi in the last article ” VMware ESXi Free Edition Specifications and Affordable High-speed Backup Solutions “, this article has selected the most functions and the least restrictions. , Iperius Backup software with a simple interface and the best price to implement. The software can be installed on the Windows platform and supports the free version of VMware ESXi. The following will introduce the server architecture first and teach users how to easily implement 2 backup modes and 1 copy mode of Iperius Backup.

**Use Iperius Backup to achieve VM backup, restore, and replication of various server architectures (details below)**

Table of Contents

Brief description of single, dual, and multi-server architecture

Let’s first discuss the architecture of VMware backup server hosts. We can divide them into single, dual or multiple servers. Please refer to the following architecture diagram.

(1) Dual-machine operation structure: VMware ESXi is installed on both servers 1 and 2 for backup.
And install Iperius Backup in the second Windows VM for mutual backup, restoration, and replication of the main VMs, and cloud backup can be added.
The 2nd equipment must be good enough!

Let’s talk about the dual-machine mode in the first picture, that is, two hosts are installed with VMware ESXi, one of which is the operation host, and one of which is the backup host including the backup host, and this one is better equipped, including CPU requirements. Fast enough, enough memory (for example, 128~256GB ), hard disk capacity large enough (for example, 2TB or more hard disk ) and fast enough ( NVMe SSD or SATA SSD is recommended ) to open a VM and execute Iperius Backup in it. If a high-speed backup is required, it is recommended to install a 10G network card on both servers and pair them with a DAC cable, which is equivalent to establishing an exclusive network highway between the two servers for regular backup and replication. If you need multiple backups, you can also configure uploading to a cloud drive.

(2) Multi-machine operation structure: VMware ESXi is installed on both servers 1 and 2 for mutual backup.
Install Windows Server on the third physical management and storage server, and install Iperius Backup for backup, restore, and replication of a large number of VMs, and cloud backup can be added.

The second picture adopts the multi-machine mode, that is, two (or more) VMware ESXi operating hosts operate independently. In addition, configure a Windows computer (either a server or a desktop computer) with a hard disk large enough and fast enough to run Iperius Backup on it. Also, if you want a high-speed backup, you can build a 10GbE local area network (with a 10G network card and a 10G Switch). This architecture can be used with an ESXi or vCenter account.

As for information security, the purpose of setting up an independent high-speed 10G local area network in the above structure is to be able to operate at high speed and independently. It would be better if it is backed up to the cloud to prevent ransomware attacks! To connect to AD, and set VLAN to separate the network area, this structure is very secure: anti-hack, backup, and backup can be done at one time.

So, can I use Iperius Backup if there is only a single VMware ESXi server? In fact, it is also possible, please refer to the figure below.

(3) Stand-alone operation structure: VMware ESXi is installed on the server, a VLAN is established between each VM, and Iperius Backup is installed in a Windows VM for mutual backup and restoration of main VMs, and cloud backup can be added.
The equipment has to be good enough to handle this!

This single-server architecture diagram is similar to the dual-server setup, but instead, create a VM in your single physical server to feed Windows and Iperius Backup, and add an independent VLAN in the network part (to be matched with the router settings ), and then add a virtual network card to the VM and add this VLAN, so that the VM of Iperius Backup can be backed up and restored through this VLAN (the same server does not need to be replicated), which can also meet the above requirements. But the hardware of the stand-alone should be as high-end as above, so as not to affect the overall performance. It should be noted that there is no backup mechanism in the stand-alone architecture, and once the server crashes, it cannot escape the fate of downtime. Therefore, for long-term operation, it is recommended to choose at least a dual-machine or above architecture, which will be safer.

Introduction to Iperius Backup Backup Software

Iperius Backup, launched by Italian business Iperius, is a VMware/Hyper-V backup software that supports backup to NAS, USB flash drives, FTP and cloud hard drives (Google Drive, OneDrive, Dropbox, Amazon S3, Azure Storage, etc.). For Desktop/Essential/Advanced/Full and other versions, only the Advanced version or above supports the backup of the VMware ESXi free version, and it is a good choice for an affordable backup solution.

Its features include:

> Online backup of ESXi/Free, backup to local server/tape/cloud etc.
> Single license, unlimited number of physical hosts and virtual machines
> Support incremental/differential backup of ESXi and ESXi Free (CBT / VDDK) and restore
> Supports replication (full/incremental/differential) between different storage areas or hosts
> Incremental backup or replication even on ESXi Free hosts
> Lightweight and efficient backup mode, no agent installation (such as vddk)
> can be installed on general Windows or Windows Server platforms

Regarding incremental/differential backup, Iperius Backup can be completely free of agent installation (no need to install the VDDK tool in the VM), just add CBT settings and you can do it. In addition, the cost of this software is cheaper than other products of the same level, and it is undoubtedly one of the best choices to authorize a buyout. However, its backup file structure is also a proprietary format, which can only be restored to a VMware host. Unless it is a full backup format, it can be executed on VMware Workstation.

Total of 4 backup modes of Iperius Backup

The VMware backup/replication function of Iperius Backup has the following 4 types:

(1) Standard backup (VM full file backup)
(2) CBT / VDDK backup (full/incremental/differential backup)
(3) Full backup to other storage areas/hosts (vCenter account connection required)
(4) Additional Volume replication (host to host)

In the above 4 options, except (3) you need to log in with the vCenter account, the rest can only be logged in with the account of the ESXi host. Since vCenter is a paid suite of the vSphere family, it can be used for more advanced management and applications, and this article only discusses the free version of vSphere Hypervisor, so the following only introduces (1), (2), (4) these three Backup/rewrite function.

After installing Iperius Backup and entering the Advanced or Full version serial number, you can enable the full ESXi backup function. During the official backup, as long as you select “Create a new backup” on the main screen, you can refer to the following screenshot instructions.

**Click to create a new backup, and then choose to add ESXi backup**

**Add the ESXi host you want to back up**

**Enter the name, IP and account information of the ESXi host**

**Click connect/rearrange, and the test can be connected, and you can proceed to the next step**

**Next, select the VM host you want to back up (it is recommended to select important VMs for backup, of course, if there is enough backup space, you can tick all of them)**

**Then there are 4 backup modes of Iperius Backup to choose from**

Standard standard backup mode

Standard Standard mode is the easiest backup method. Iperius Backup directly downloads the VM files from the ESXi host and stores them on the local Windows hard drive (you can also choose to upload them to a cloud hard drive for multiple backups at the same time). Just set the backup It is the simplest backup method, and you can easily get the backup action of the VM. However, this backup method is time-consuming and consumes storage space, but it is the safest backup method. A brief description of the advantages and disadvantages is as follows:

advantage:

Backup jobs only need to be set once, and backups can be automatically scheduled
No need to modify the VM configuration file, no need to modify CBT or install VDDK, this is the Full backup VMDK format
Multiple sets of backup files can be performed according to different dates/times, and each backup file can be used independently
The backed-up VM files can even be used directly on VMware Workstation

shortcoming:

Pulling the complete VMDK file directly requires more backup storage space
The backup time is long!

The following is the description of the screen during the actual setting:

**When this screen appears, select Standard (copy of individual virtual machine files)**

For the destination folder, you can choose the path on the local side. If you want to do multiple sets of full backups and back up according to the date, you can use the variable method to name the folder. For example, in this example, the directory is set to the year, month, day, and time. Way

**For the variable of the folder, you can press the {} button on the right side of the picture above, and this screen will appear**

Here you can choose whether to shut down the VM before the backup, restart the VM after the backup, and set some login/logout accounts for the VM.
Generally, it can be backed up without shutting down.
Therefore, the existing settings can be maintained.
After that, you can press the OK button

**The beginning of this is the part of additional projects, click Next**

**Additional destination storage areas can be added here, such as cloud storage, other FTP servers, etc. Take the cloud as an example, click Next**

**Iperius Backup supports cloud storage such as Google, Microsoft, Dropbox, Amazon, etc. If you want to backup to the cloud at the same time, you can set it here**

**The next step is to select the schedule, you can choose the day of the week, the day of the month, a specific date, and a specific time to do the scheduled backup**

**Then you can choose email notification, other processes (additional operations before and after backup) and advanced settings (such as compression ratio, log files, etc.), and click Next**

**Finally, name the backup job, and then press OK to start the automatic or manual backup**

**Once the backup job is set, just click the right mouse button on the backup job bar and select “Execute Backup” to perform a manual backup.**

After the above-mentioned series of settings, after the VM you want to backup, backup mode, backup time, and backup destination are all set, you can wait for the Iperius Backup time to start the backup, or click the mouse on the backup job. Right button to force manual backup too.

**The backup in progress will display the backup progress and status**

**After the backup is complete, this screen will appear**

After the backup is complete, you can view the contents of the backed-up files!

In terms of a full backup, you can set Iperius Backup to create a directory according to the date and time, and perform a full backup (two sets of full backups are built in the legend, which is distinguished by time).
And these full backup files can be used directly on VMware Workstation or other ESXi hosts

Incremental/Differential CBT/VDDK Advanced Backup Mode

Incremental/Differential (CBT/VDDK) mode is an advanced backup method that reduces backup time and storage space. Through VMware’s CBT / VDDK function (detailed below), the changed part of the disk read and write is backed up. Therefore, it is suitable for occasions where daily backups are required. In this backup mode, Iperius Backup will compare the written changes of VM Storage (xxxx-ctk.vmdk), and store the changed parts on the local Windows hard disk. Therefore, compared with the full backup mode, it can save time and money. Less storage space and time. Of course, the first backup is still a full backup, and the subsequent backups are incremental or differential backups. The advantages and disadvantages of this mode are as follows:

advantage:

Same as above, the backup job only needs to be set once, and the backup can be automatically scheduled
No need to set the date when backing up, you can access multiple sets of backup files
Only refer to the storage change part, only a small amount of backup storage space is required for incremental or differential backup
Incremental/differential backup time will be shorter

shortcoming:

VM settings need to be changed (choose one of the following):
(i) CBT method: Change the configuration file (.vmx) and add more than two sets of Enable parameters (see below)
(ii) VDDK method: Install VDDK package in the VM (details below)
The backed-up VM files are in the Iperius exclusive format (IBI, IBD files) ! It cannot be used directly for VMware Workstation, and each incremental backup file is in a dependent state, so you must refer to the first full backup data when restoring.

The following is the description of the screen during the actual setting (it is not repeated with the above-mentioned parts):

**When this screen appears, select CBT / VDDK (full / incremental / differential)**

For the backup type, you can choose one full backup + Incremental backups, and the Number of backups on the right can be specified according to your own preferences, and a maximum of several backups can be kept (for example, set 7, and the 1st backup will be overwritten at the 8th backup). backup, and so on)

Select the destination folder. Since incremental backup is selected at this time, the directory name does not need to specify a date variable, it is just fine.
Subsequent settings are the same as the above full backup settings.
I won’t go into details here

After the backup job is set, you can back up automatically or manually. It’s worth noting that if you don’t have CBT / VDDK turned on, the backup job will fail! Please refer to one of the modification methods below to successfully use incremental/differential backup or replication.

**When selecting incremental/differential backup or replication, if CBT is not enabled (or VDDK is installed), such a warning or error message will appear**

**If VDDK is installed (or CBT is turned on), you can see the message that the complete backup is successful in the backup record**

The structure of the incremental backup file is shown in the figure. A new directory will be created for each increment. The length of the IBD file represents the change of disk writing during each backup. These files are in the exclusive format of Iperius Backup and cannot be stored in VMware Workstation. or directly on other ESXi hosts

Replication incremental replication mode

Incremental Replication (Incremental Replication) mode is a backup data backup method. Different from the previous two backups, Backup stores backup data to other hosts or cloud hosts, while Replicate saves backup data to other hosts. Backup data is stored on the same ESXi host or another ESXi backup host. When there is a problem with the VM of the main server, the backup server can be powered on immediately, which can reduce downtime. This method also needs to turn on the CBT/VDDK function before it can be used. The advantages and disadvantages are described as follows:

advantage:

Same as above, the replication job only needs to be set once, and the replication can be automatically scheduled
Same as above, no need to set the date when rewriting, you can write the VM state multiple times
Same as above, only refer to the storage changes, incremental or differential backup requires only a small amount of backup storage space
Same as above, incremental/differential copy time is shorter

shortcoming:

Same as above, VM settings need to be changed, please refer to the above CBT/VDDK modification/installation method
Generally, the copied VM machine should not be turned on at will. Once powered on, the next time you want to overwrite, you have to do it all over again, that is, go back to the first full overwrite, and then incremental/differential overwrite later.

The following is the description of the screen during the actual setting (it is not repeated with the above-mentioned parts):

**When this screen appears, select Incremental replication from Host to Host**

When selecting the destination, first specify which ESXi Server and Datastore to copy to, and the directory name of the VM copy machine will be followed by the word -Replica, which means this is a copy machine, and the subsequent settings are the same as the above incremental backup settings. same.
I won’t go into details here

After the backup job is set, you can back up automatically or manually. Similarly, CBT / VDDK must be turned on for copying, otherwise, the copying job will fail! Please refer to one of the modification methods below to successfully use incremental/differential backup or replication.

It is worth noting that when setting the replication destination, it is generally replicated to other VM servers. Although it can be replicated to other Datastores on the same VM server, this is meaningless, because if the VM machine crashes, it is equal to Both VMs being dead and cannot use the copier of the other VM server for emergency backup. In addition, don’t turn on the copied VM if it’s okay, because this will cause an error that the hard disks cannot be compared during subsequent copying operations. Iperius Backup will require the user to cut off the copying machine and retrain it, and then re-create the VM copying. machine.

During incremental replication, a replica machine with -Replica will appear on the VMware ESXi interface, indicating that the VM is mainly used as a backup. Try not to start it when you have nothing to do, so as to avoid cutting and retraining in subsequent replication operations.

Modification of the CBT method

The design of incremental backup/differential backup needs to refer to what changes have been made to the disk from the last backup. In VMware’s case, it has a CBT (Changed Block Tracking, Changed Block Tracking) mechanism that can be used to track Records written to the hard disk. This option is generally disabled by default, and users must manually enable this function to use the incremental/differential backup or replication function.

Just choose one of CBT or VDDK, here are the pros and cons of the CBT method:

● Advantages: Just change the settings of the vmx file , without having to change the disk content of the VM machine, which is more convenient.
● Disadvantage: Each VM has to be configured one by one, and it is necessary to know which disk interface it is.

There are at least two places where CBT needs to be changed:

One is the main option: ctk.Enabled = “TRUE”

One is the controller interface of your corresponding hard disk, also add <interface>.ctkEnabled = “TRUE” , that is:

Use IDE interface → ide0:0.ctkEnabled = “TRUE”
Use SATA interface → sata0:0.ctkEnabled = “TRUE”
Use SCSI interface → scsi0:0.ctkEnabled = “TRUE”
Use NVMe interface → nvme0:0.ctkEnabled = ” TRUE”

Most of the VM machines have only one virtual hard disk, so you only need to set the above group. If your VM machine has two virtual hard disks (eg SATA hard disks), then the second one may be assigned as SATA (0:1), so in addition to adding sata0:0.ctkEnabled = “TRUE” to the first one In addition, you have to add sata0:1.ctkEnabled = “TRUE” to be complete. Please refer to the screenshot below for the modification method.

Edit your VM machine, find the part of disk 1, and check the location of the controller where it is located. This example is
SCSI (0:0)

**Click on “Virtual Machine Options” and open the “Advanced” tab below**

**Pull down the screen to see “Edit Configuration”, click on it**

In the configuration parameter section, click Add parameter.
Then enter *ctkEnabled in the left key below, enter* *TRUE* in the right value, and press OK

Add a new value, refer to the above disk 1 in SCSI0:0, so enter *scsi0:0.ctkEnabled in the lower left key, enter TRUE* in the right value, and press OK (if there are other disk drives, also compare handle the input one by one). This will enable the CBT function

Install VDDK method

If your VM is Windows or Linux, you can use this VDDK (Virtual Disk Development Kit) solution if you don’t want to use the above method to enable CBT. First go to VMware’s official VDDK download area (you need to log in to your VMware account) to download the vddk package, which is divided into VMware-vix-disklib-7.0.x-xxxxxxxx.x86_64.tar.gz for Linux and VMware-vix-disklib for Windows -7.0.x-xxxxxxxx.x86_64.zip file, it is recommended to download them all.

The advantages and disadvantages of the VDDK method are as follows:

Advantage: You only need to install it once in the VM, and you don’t have to worry about the VMX CBT settings required for relocating or consolidating hard drives in the future.
Disadvantage: Each VM must be installed one by one, which will take up a little more disk space.

Take the Windows version of the VMware-vix-disklib-7.0.3-18705163.x86_64.zip file as an example, start your VM first, then copy the above zip file into it, unzip it, and then act as a system administrator Open “CMD”, and then execute the vstor2install.bat inside. If Service installed appears, it means that VDDK is successfully installed.

**Copy the zip of VDDK to your VM machine, decompress it, open “*CMD”* as a system administrator, and then execute *vstor2install.bat* inside to complete the installation**

VM restore method

As for the backed-up VM files, if the original VM of the VM server has access errors, poisoning, or other factors that cause the VM to fail to operate smoothly, it can be restored through the Restore function. The screenshot of the operation is as follows:

**On the Iperius Backup homepage, select “Restore”, and then click Restore ESXi virtual machines**

**Then select your backup folder, which should contain related files of Iperius Backup**

**At this point, various backup contents, numbers, file sizes and types will be listed. Choose one to restore according to your needs**

Next, select the Datastore to be restored, and the name of the virtual machine (customized to the original VM name plus _restored), note that you cannot directly restore to the original VM, and must have a different name

**Next, “Execute Recovery”, you can perform the VM restore operation**

**Next, wait for the restore operation, and this screen will appear when it is successful**

**Go back to the VMware ESXi interface, you can see the newly restored VM, and it can be used after booting**

Efficacy

In terms of performance, we used a 1GbE network card and a 10GbE network card to perform Full Backup on a Win10 VM (with a capacity of 43.4GB). Please refer to the following figure for the test results.

As can be seen from the above picture, the red box is the performance of 1GbE, and the green box is the performance of 10GbE. It can be found that the speed of 10GbE is more than 3 times faster than that of 1GbE. Therefore, it is recommended to install an additional 10GbE network card to build a dedicated network. Highway to speed up VMware backup and replication.

In conclusion

The above is the introduction of 2 backup modes and 1 copy mode of Iperius Backup. It can be used with the free version of VMware ESXi to achieve complete backup and copy functions, and with a 10GbE high-speed network connection, you can spend a small fee. Achieving ultra-high-speed backup effects, can be said to be a professional-level backup and backup solution at an affordable price, giving enterprises a reliable operating environment.

In short, whether it is a single-machine, dual-machine or multi-machine architecture, the backup and backup work of VMware can be constructed through the construction method of this article.

If this article is helpful for you, please share this article with your friends on social media. Thank you!!

This article is based on the personality of the reviews. You are responsible for fact-checking if the contents are not facts or accurate.

Title: The best free version for enterprise VMware ESXi multi-machine backup and anti-hacking implementation