OPERATIONAL DEFECT DATABASE
...
...
This article provides information about Cohesity Platform for Data Protection of VMware Cloud on AWS.Disclaimer: The partner solution referenced in this article is a solution that is developed and supported by a partner. Use of this product is also governed by the end user license agreement of the partner. You must obtain from the partner the application, support, and licensing for using this product. For more information, see https://www.cohesity.com.This section includes summary of target data protection: Use casesSolution ArchitectureSolution ComponentsSupport Information - see Related Information section Use cases Cohesity provides a policy driven approach for data protection of VMs in VMware Cloud on AWS. The use cases covered in this section are: Data Protection in VMCExtended RetentionVM level RecoveryGranular File & Folder Recovery Solution Architecture Cohesity provides end-to-end data protection for application-driven modern infrastructure that spans from core to the cloud and edge. Customers benefit from the same user-friendly interface for managing backup of VMware environments, both on-premises and in VMware Cloud on AWS.This section focuses on Cohesity Platform for protection of workloads in VMware Cloud on AWS (VMC) Platform. Cohesity Data Protection solution can be deployed in two form factors to protect VMC workloads, either as a VMware VM deployed inside VMC SDDC (called Cohesity Virtual Edition) or running on Amazon EC2 instances in the regular AWS account (called Cohesity Cloud Edition).Cohesity Virtual Edition deployment is suitable for protecting small VMC environments and Cloud Edition for medium-large VMC environments.The illustration below shows Cohesity Virtual Edition (VE) deployed in VMC SDDC to protect VMC VMs and optionally store the backups in AWS S3 or S3 Glacier for long term retention.Fig: VMC Data Protection using Cohesity Virtual EditionCohesity Cloud Edition (CE) is an Amazon EC2 instance-based deployment of Cohesity Platform. It is deployed in the customer AWS account. Cohesity Cloud edition communicates with VMware SDDC via proxy VM(s) called Hybrid Extenders (HyX) which are installed within VMC SDDC.The picture below shows Cohesity Cloud Edition deployment in AWS account for VMC data protection with Proxy VMs running inside SDDC. All the vSphere APIs and the VDDK calls are routed through the HyX VM(s). VM backups are performed using hotadd transport mode via the HyX VM(s). VM recovery is done by creating a VM with empty disks and using hotadd transport mode to copy over the data via HyX VM.Fig: VMC Data Protection using Cohesity Cloud Edition Solution Components Cohesity Platform leverages the vSphere Storage APIs – Data Protection (VADP) and the Virtual Disk Development Kit (VDDK) to integrate with vSphere & vSAN in VMC to provide extremely efficient virtual machine image level data protection with best in class global deduplication, data resiliency with strict consistency and software-based encryption using the AES-256 standard, with optional FIPS certification for data encryption in-flight and at rest. An easy to manage UI and policy-based management allow customers to achieve strict business SLAs.Cohesity Virtual Edition based solution provides data protection in VMC through the deployment of Cohesity Virtual Appliance in VMC SDDC. More information on the Virtual Edition specifications can be found at https://www.cohesity.com/products/dataplatform-virtual-edition/.Cohesity Cloud Edition based solution provides VMC Data protection through the deployment of Cohesity Cloud Edition in the AWS account. It uses proxy VM(s) called “Hybrid Extender” to communicate with VMC vCenter & ESXi hosts for backup and recovery. More information on the Cloud Edition specifications can be found at https://www.cohesity.com/products/cloud-edition/ Operational Overview The following concepts and activities are part of knowledge transfer for enterprise customers deploying Cohesity Platform for VMC Data protection.1. Initial Setup and ConfigurationCohesity VE DeploymentDeploy and configure Cohesity Virtual Edition OVA in VMC SDDC. Steps to download, install and setup Cohesity Virtual Edition can be found in Cohesity Virtual Edition Setup Guide available at https://docs.cohesity.com/Setup/PDFs/SetupGuideVirtualEditionVMware.pdfCohesity CE Deployment: Deploy Cohesity Cloud edition (CE) in AWS either via GUI over CLI. GUI based installation is available for Cohesity’s SaaS Management Platform (Helios). Steps to setup Cohesity Cloud Edition via Helios are available at https://docs.cohesity.com/WebHelios/Content/Helios/CEAWSDeployment.htm Alternatively, Cohesity Cloud Edition can be setup via CLI as well, the steps are available at https://docs.cohesity.com/Setup/PDFs/SetupGuideCloudEditionAWS.pdf. Deploy Hybrid extender (HyX) proxy VMs on VMC SDDC and configure HyX with the CE using steps below: Download HyX OVA and HyX configuration file from Cohesity UIDeploy the OVA to VMC SDDCAfter the OVA has been deployed, upload the HyX configuration file to the HyX VM URL: http://[HyX ip-address]:29994/upload Check the HyX status on Cohesity UI shows as “Connected” Fig: Download HyX OVA from Cohesity Platform Fig: Deploy the Hybrid Extender in the SDDC Fig: Upload the Hybrid Extender configuration files Fig: Hybrid Extender(s) will show as “Connected” 2. Register vCenter as Data SourceAdd SDDC vCenter as a data source in Cohesity platform to discover the VMs running on VMC.3. Register S3 bucket for Extended Retention (Optional) Create an S3 bucket in your AWS account and register it as an External Target on Cohesity Platform. This step is required to store backups outside of the Cohesity platform for long term retention.4. Create Protection Policies and Protection GroupsA Protection Policy defines periodicity and retention of backup, and their archival and replication. A Projection Job defines which objects are backed up. A Protection Policy can be used for many Protection Groups.For example, the screenshot above shows a Protection Policy called “Archive Group C” which does the following: Take a Snapshot every 4 hours and retain it for 1 week on Cohesity PlatformRetry capturing Snapshots 3 times 5 minutes apart before reporting an errorSend a copy of Snapshot to AWS S3 bucket and retain it for 2 weeks. A Protection Group specifies Source, Objects to be backed up from that source and a Policy to be used for the backups. The screenshot above shows a new Protection Group being created to backup a few VMs from vCenter in SDDC and using a Policy called “Archive - GroupC”.Auto-Protect FeatureWhile creating Protection Group, you can optionally choose Automatic protection at any hierarchical level e.g. a folder level. Every time a new VM is added to the folder, the VM is automatically protected with the previously defined policy and job. This enables the administrator to be hands off for VM data protection while still ensuring that data protection SLAs are met.Fig: Cohesity Auto-Protect FeatureFig: Protection Groups on Cohesity Platform 5. VM level RecoveryCohesity provides the ability to recover Protected Objects (such as VMs) from a Snapshot created earlier by a Protection Group. You can choose a snapshot on Cohesity Platform stored either locally or on AWS S3 external target for recovery. You can recover VMs to the same Logical network in VMC or a different logical network.Recover task extracts the VM files (such as the VMDK files) stored in Snapshots and creates new instances of the VMs in their original locations or in a new location depending on the options you choose during recovery: Recover to Original Location—Recover the VM(s) to their original Resource Pool, datastores, VM folder and logical network in VMCRecover to New Location—Recover the VM(s) to an alternate resource pool, datastore, VM folder or logical network in VMC. Cohesity provides an intuitive user interface for recovery workflows. Screenshot above shows how users can initiate recovery by searching for the objects to recover. Object names or Protection Group names can be used for search filters. 6. File and Folder RecoveryCohesity Platform provides the ability to recover files and folders from a Snapshot created earlier by a Protection Group. Files and folders can be recovered to the original VM or a different VM. You can choose to retain the recovered files' and folders' original (at the time of the backup) permissions and attributes. You can also download files and folders from selected Snapshots. However, only items that were indexed when the Snapshot was created can be downloaded.Recover task extracts the files stored in Snapshots and creates new instances of them in the original VM or a different VM depending on the options you choose during recovery. You can also choose to download files and folders.Fig: Granular Search for File & Folder level RecoveryRecover Files or Folders—Recover files or folders to the original location or to a new location.Download a File or Folder—Download files or folders from an existing Snapshot.VM Backup FlowVM backup is done using hotadd transport mode and although high-level steps are the same, it varies slightly for Virtual Edition and Cloud Edition. For Cloud Edition all the vSphere related control calls and the data calls to pull the data go via HyX. Cohesity performs steps below during the VM backup workflow: Cohesity software takes a snapshot of the VMThe VMDKs associated with the snapshot is opened using VDDK library via HotAdd transport mode.CBT is leveraged to perform incremental backups.Once all the data is copied, VM snapshot is released.VM backup on Cohesity is readily available for recovery from the fully hydrated Cohesity snapshots. Fig: VM Backup Flow in Cohesity Virtual Edition Deployment Fig: VM Backup Flow in Cohesity Cloud Edition Deployment VM Recovery FlowVM recovery is done using hotadd transport mode and although high-level steps are the same, it varies slightly for Virtual Edition and Cloud Edition. For Cloud Edition all the vSphere related control calls and the data calls to pull the data go via HyX. Cohesity performs steps below during the VM recovery workflow: Cohesity software clones the VM files (such as the VMDK files) stored in Snapshots to a temporary Cohesity View. A View is a Cohesity representation of a datastore.Cohesity software creates the target VM(s) with blank disks on the VMC SDDC vCenter based on VM configuration associated with the selected snapshot.Data is copied from VMDK files from the cloned view to the VMDKs attached with the recovered target VM.Recovered VM is powered ON or left powered off based on user selection. Fig: VM Recovery Flow in Cohesity Virtual Edition Deployment Fig: VM Backup Flow in Cohesity Cloud Edition Deployment
Support Information Troubleshooting (logs, procedures, and techniques): Cohesity cluster provides a secure remote tunnel for Cohesity Support personnel to access the cluster and examine and monitor the health of the cluster and troubleshoot to help customers resolve issues.Cohesity uses a Time capsule to aggregate and capture logs in an offline bundle for clusters that are not accessible via the remote tunnel. Indicate whether the solution supports vMotion, HA, and FT: Cohesity leverages and protects VMs and application workloads using vSphere features including vMotion, HA, and SMP-FT. Link to product documentation, and specific reference points in those documents (example, Page Numbers of content referenced) Product documentation is available for Cohesity customers on the Cohesity support portal. https://support.cohesity.com Link to the downloads site Product upgrade binaries and patches are available to download from our Cohesity support portal. https://support.cohesity.com Support ProcessCohesity support currently offers 3 different support channels for engaging with our customers Web PortalLogin credentials are required to access our secure Support Web portal: https://support.cohesity.com From the Cohesity Support Portal you can: Manage your profileSubmit new casesManage existing casesBrowse our knowledge baseExplore our Product DocumentationParticipate in our community with other customers and power users PhoneAmericas United States & Canada: +1-855-9COHESITY, option 2 EMEA United Kingdom: +44 (0)113 8681096, option 2 APAC India: +91 80 67347095Japan: +81 6 4560 2923 Email support@cohesity.com SLAhttps://www.cohesity.com/support/ Appendix Hybrid Extender Requirements A minimum of (1) Hybrid Extender must be deployed per ESXi cluster in the VMC on AWS environmentMultiple HyX VMs can be deployed in the VMC on AWS environment if necessary and the backups will scaleHybrid Extender VM resource requirements: vCPU: 4, Memory: 4 GB, Disk: 64 GBAWS security group: Allow HyX to / from the CE cluster access for the following ports: 22, 29991, 11117Allow access from CE to VMC SDDC on ENI security groupto the following ports: 22, 29991, 11117 VMC on AWS: Connectivity between SDDC to AWS VPC must be configuredEnable access between the CE and HyX access and HyX access to VMC on AWS vCenter HyX to the SDDC vCenterHyX to Cohesity CE cluster (Bi-directional)
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
