The horror of Agent-Based system restores

Posted by

A day in the life of a Data Protection Auditor

STEP 1: List VM hardware details!
  • vCenter (CPU/MEM/vDISK/vNIC)
  • including vNIC & SCSI Controller type!!!
STEP 2: List in-Guest Backup Agent details (case-sensitive)
  • http://backup.local
  • Remark: Operating Systems description are not (always) up to date, which could lead to wrong choice of template.
  • Remark: Everyone using the same (personalised) admin accounts is not a best-practise for logging purposes > use admin groups!
STEP 3: list IP Configuration details
  • http://cmdb.local
  • Issue: NO DNS information available
  • Remark: everyone using the same (personalised) admin accounts is not a best-practise for logging purposes > use admin groups!
STEP 3: deploying a VM template + change VM hardware
  • remark: no OS optimization enabled in vCenter
  • Issue: different HAL is impossible to know (i.e. single-processor/multiprocessor)
  • remark: due to lack of VAAI plugin for Storage Array, this process takes over 15-20 minutes.
STEP 4: perform guest OS & IP changes
  • if DMZ > change host file
    • x.x.x.x backupserver backupserver.local (server VLAN)
    • x.x.x.x backupserverb backupserverb.local (backup VLAN)
  • Remark: using local host-file changes makes restore unnecessary complicated. Make these changes in DNS.
STEP 5: initialize new disk(s)
  • Issue: drive letters unknown in CMDB
STEP 6: set <old school software> client details
STEP 7: reboot
STEP 8: take VM snapshot in case restore fails
THESE 8 steps take about 1 hour to complete
STEP 9: restore C:\
  • Issue: restore procedure cannot be killed by admin > no way to know real progress without involving global team.
This process takes about 30 minutes to complete
STEP 10: restore SystemState
This process takes about 30 minutes to complete
STEP 11: reboot
STEP 12: restore Data disks
The time this process takes depends on the size of the machine.
===========================================
Somehow I have a feeling this not really the most efficient way to protect your infrastructure.
Be Social and Share: Facebooktwittergoogle_plusredditpinterestlinkedintumblrmailFacebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Leave a Reply

Your email address will not be published. Required fields are marked *