Backing up a VM with Hystax Acura Backup
You can create VM backups automatically and recover them in your cloud infrastructure using Hystax Acura Backup in Yandex Cloud.
A VM with Hystax Acura Backup manages the backup and recovery processes. VM backups are saved to an Object Storage bucket. Recovery is performed using an auxiliary Hystax Cloud Agent VM. It creates a new VM with a certain RPO (recovery point objective) at a point of time in the past. Backup RTO (recovery time objective) depends on the amount of source data.
To back up and recover a VM using Hystax Acura Backup:
- Prepare your cloud.
- Create a service account.
- Configure network traffic permissions.
- Create a bucket.
- Create a VM with Hystax Acura Backup.
- Make the VM IP address static.
- Set up Hystax Acura Backup.
- Prepare and install an agent on the VM.
- Create a VM backup.
- Create a disaster recovery plan.
- Run the recovery process.
If you no longer need the resources you created, delete them.
Prepare your cloud
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Yandex Cloud Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Required paid resources
Note
Note that both the Hystax Acura Backup infrastructure and all the recovered VMs will be charged and counted against the quotas
- A Hystax Acura Backup VM uses 8 vCPUs, 16 GB of RAM, and a 200-GB disk.
- The auxiliary Hystax Cloud Agent VMs use 2 vCPU cores, 4 GB or RAM, and a 10-GB disk. A single Hystax Acura Cloud Agent VM can serve up to 6 replicated disks at the same time. If there are more than 6 disks, additional Hystax Acura Cloud Agent VMs are created automatically.
For detailed system requirements, see the Hystax documentation
The cost of the resources required to use Hystax Acura Backup includes:
- Fee for VM computing resources (see Yandex Compute Cloud pricing).
- Fee for VM disks (see Yandex Compute Cloud pricing).
- Fee for using a dynamic or static external IP address (see Yandex Virtual Private Cloud pricing).
- Fee for data storage in a bucket and operations with data (see Yandex Object Storage pricing).
- Fee for using Hystax Acura Backup (see product description in Cloud Marketplace).
Create a service account and access keys
Hystax Acura Backup will run under a service account.
- Create a service account named
hystax-acura-account
with theeditor
andmarketplace.meteringAgent
roles. Save the service account ID. You will need it later. - Create an authorized key for the service account. An authorized key is required to perform operations in Yandex Cloud as a service account. Save the ID and private key. You will need them later.
- Create a static access key. A static key is required to access a bucket as a service account. Save the ID and secret key. You will need them later.
Configure network traffic permissions
Configure network traffic permissions in the default security group.
Add the following rules to it:
Traffic direction |
Description | Port range | Protocol | Destination name / Source |
CIDR blocks |
---|---|---|---|---|---|
Incoming | http |
80 |
TCP |
CIDR |
0.0.0.0/0 |
Incoming | https |
443 |
TCP |
CIDR |
0.0.0.0/0 |
Incoming | https |
4443 |
TCP |
CIDR |
0.0.0.0/0 |
Incoming | vmware |
902 |
TCP |
CIDR |
0.0.0.0/0 |
Incoming | vmware |
902 |
UDP |
CIDR |
0.0.0.0/0 |
Incoming | iSCSI |
3260 |
TCP |
CIDR |
0.0.0.0/0 |
Incoming | udp |
12201 |
UDP |
CIDR |
0.0.0.0/0 |
Incoming | tcp |
15000 |
TCP |
CIDR |
0.0.0.0/0 |
Outgoing | http |
80 |
TCP |
CIDR |
0.0.0.0/0 |
Outgoing | https |
443 |
TCP |
CIDR |
0.0.0.0/0 |
Outgoing | vmware |
902 |
TCP |
CIDR |
0.0.0.0/0 |
Outgoing | vmware |
902 |
UDP |
CIDR |
0.0.0.0/0 |
Outgoing | iSCSI |
3260 |
TCP |
CIDR |
0.0.0.0/0 |
Outgoing | udp |
12201 |
UDP |
CIDR |
0.0.0.0/0 |
Save the security group ID. You will need it later.
Note
Auxiliary Hystax Cloud Agent VMs are created automatically in the default security group. If you created an individual group for the Hystax Acura Backup VM, move auxiliary Hystax Cloud Agent VMs to this group once they're created.
Create a bucket
- In the management console
, select the folder you want to create a bucket in. - Select Object Storage.
- Click Create bucket.
- On the bucket creation page:
-
Enter a name for the bucket according to the naming requirements.
-
Limit the maximum bucket size, if required.
If the value is
0
, the maximum size is not limited and is similar to the enabled No limit option. -
Select the type of access:
- Object read access:
Restricted
. - Object listing access:
Restricted
. - Read access to settings:
Restricted
.
- Object read access:
-
Select the storage class:
Standard
. -
Click Create bucket to complete the operation.
-
- Save the bucket name. You will need it later.
Use the create REST API method for the Bucket resource or the BucketService/Create gRPC API call.
Create a VM with Hystax Acura Backup
To create a VM with recommended configuration and a boot disk from the Hystax Acura Backup image:
-
In the management console
, select the folder to create your VM in. -
In the list of services, select Compute Cloud.
-
In the left-hand panel, select
Virtual machines. -
Click Create virtual machine.
-
Under Boot disk image:
- Go to the Marketplace tab.
- Click Show all Marketplace products.
- In the list of public images, select Hystax Acura Backup in Yandex Cloud and click Use.
-
Under Location, select an availability zone to place your VM in.
Save the availability zone ID. You will need it later.
-
Under Disks and file storages, enter
200 GB
for boot disk size. -
Under Computing resources, select the configuration with
8 vCPU
and16 GB
. -
Under Network settings:
-
In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, you can select a cloud network from the list.
-
Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.
-
If you do not have a network, click Create network to create one:
- In the window that opens, enter the network name and select the folder to host the network.
- (Optional) Select the Create subnets option to automatically create subnets in all availability zones.
- Click Create network.
-
-
If a list of Security groups is available, select the security group you had previously configured network traffic permissions for. If this list does not exist, all incoming and outgoing traffic will be enabled for the VM.
-
-
Under Access, select SSH key and specify the information required to access the VM:
- In the Login field, enter a username, e.g.,
yc-user
. -
In the SSH key field, select the SSH key saved in your organization user profile.
If there are no saved SSH keys in your profile, or you want to add a new key:
- Click Add key.
- Enter a name for the SSH key.
- Upload or paste the contents of the public key file. You need to create a key pair for the SSH connection to a VM yourself.
- Click Add.
The SSH key will be added to your organization user profile.
If users cannot add SSH keys to their profiles in the organization, the added public SSH key will only be saved to the user profile of the VM being created.
- In the Login field, enter a username, e.g.,
-
Under General information, specify the VM name:
hystax-acura-vm
. -
Under Additional, select the
hystax-acura-account
service account. -
Click Create VM.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
Run this command:
yc compute instance create \
--name hystax-acura-vm \
--zone <availability_zone> \
--cores 8 \
--memory 16 \
--network-interface subnet-id=<subnet_ID>,nat-ip-version=ipv4,security-group-ids=<security_group_ID> \
--create-boot-disk name=hystax-acura-disk,size=200,image-id=<Hystax_Acura_Backup_image_ID> \
--service-account-id <service_account_ID> \
--ssh-key <path_to_public_SSH_key_file>
Where:
--name
: VM name, e.g.,hystax-acura-vm
.--zone
: Availability zone, e.g.,ru-central1-a
. Save the availability zone ID. You will need it later.--cores
: Number of vCPUs the VM has.--memory
: VM RAM size.--network-interface
: VM network interface description:subnet-id
: ID of the subnet to connect your VM to. You can get the list of subnets using theyc vpc subnet list
CLI command. Save the subnet ID. You will need it later.nat-ip-version=ipv4
: Connect a public IP address.security-group-ids
: Security group. Use this parameter if the group is previously configured. You can get the list of groups using theyc vpc security-group list
CLI command. If you skip this parameter, the default security group will be assigned.
--create-boot-disk
: Create a new disk for the VM:name
: Disk name, e.g.,hystax-acura-disk
.size
: Disk size.image-id
: Disk image ID. Useimage_id
from the product description in Cloud Marketplace.
--service-account-id
: ID of the previously created service account. You can get the list of accounts using theyc iam service-account list
command.--ssh-key
: Path to the public SSH key file. The default username for access over SSH isyc-user
.
Use the create REST API method for the Instance resource or the InstanceService/Create gRPC API call.
Make the VM IP address static
VMs are created with a public dynamic IP. Since a VM with Hystax Acura Backup may reboot, make the IP static.
- In the management console
, open the page for the folder you are using. - Select Virtual Private Cloud.
- Go to the IP addresses tab.
- Click
in the row with the address of your Hystax Acura Backup VM. - In the menu that opens, select Make static.
- In the window that opens, click Change.
- Save the IP. You will need it later.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
See the description of the CLI update address attribute command:
yc vpc address update --help
-
Get a list of available addresses:
yc vpc address list
Result:
+----------------------+------+-----------------+----------+------+ | ID | NAME | ADDRESS | RESERVED | USED | +----------------------+------+-----------------+----------+------+ | e2l46k8conff******** | | 84.201.155.117 | false | true | +----------------------+------+-----------------+----------+------+
The
false
value of theRESERVED
parameter indicates that the IP address with thee2l46k8conff********
ID
is dynamic. -
Make this address static by using the
--reserved=true
key and IP addressID
:yc vpc address update --reserved=true <IP_address_ID>
Result:
id: e2l46k8conff******** folder_id: b1g7gvsi89m3******** created_at: "2023-05-23T09:36:46Z" external_ipv4_address: address: 84.201.155.117 zone_id: ru-central1-b requirements: {} reserved: true used: true
Now that the
reserved
parameter istrue
, the IP address is static. -
Save the IP. You will need it later.
Use the update REST API method for the Address resource or the AddressService/Update gRPC API call.
Set up Hystax Acura Backup
-
Open the Hystax Acura Backup VM page in the management console
and find its public IP address. -
Enter the Hystax Acura Backup VM public IP address in your browser. The initial setup screen opens.
Note
Booting the Hystax Acura Backup VM for the first time will start an installation process which may take over 20 minutes.
By default, a Hystax Acura VM has a self-signed certificate installed.
-
On the page that opens, fill out the following fields:
- Organization: Name of your organization.
- Admin user login: Administrator username.
- Password: Administrator password.
- Confirm password: Re-enter the administrator password.
-
Click Next.
-
Specify the Yandex Cloud connection settings:
-
Service account ID: The service account ID (obtained when Creating a service account).
-
Key ID: Service account authorized key ID (obtained when creating a service account).
-
Private key: Service account's private key (obtained when Creating a service account).
Note
If you obtained the ID and private key in a JSON file, e.g., when creating an authorized key via the CLI, remove the line break characters (
\n
) from the ID and the private key. -
Default folder ID: ID of your folder.
-
Availability zone: ID of the availability zone hosting the Hystax Acura Backup VM (obtained when Creating a VM with Hystax Acura Backup).
-
Hystax Service Subnet: ID of the subnet that the Hystax Acura Backup VM is connected to (obtained when Creating a VM with Hystax Acura Backup).
-
S3 Host:
storage.yandexcloud.net
. -
S3 Port:
443
. -
Enable HTTPS: Select the option to enable HTTPS connections.
-
S3 Access Key ID: Access key ID (obtained when Creating a service account).
-
S3 Secret Access Key: Secret key (obtained when Creating a service account).
-
S3 Bucket: Name of the bucket that stores VM backups (you set it when Creating a bucket).
-
Hystax Acura Control Panel Public IP: Replace the value with the Hystax Acura Backup VM's public IP (assigned when Creating a VM with Hystax Acura Backup).
-
Additional parameters: Advanced settings. Do not edit this field.
-
-
Click Next.
Hystax Acura Backup will automatically check whether it can access your cloud. If all the settings are correct, you can log in to the control panel using the previously set username and password.
Prepare and install an agent on your VMs
To install an agent on the VMs to create backups of:
-
Open the Hystax Acura Backup control panel. Click the Hystax logo.
-
Click Download agents on the left.
-
Select the agent type for the OS you need:
- VMware
- Windows
- Linux
-
Click Next.
-
Download and install an agent on the VMs to create backups of:
VMwareWindowsLinux-
In the drop-down list, select a group of VMs to set up agents for, such as
Default
. -
Select New VMware vSphere and fill out the fields:
- Platform Name: Name of the platform.
- Endpoint: public IP address of the ESXi host where the replication agent will be deployed.
- Login: User login (the user must have the administrator permissions).
- Password: Password.
Click Next.
-
Click Download Agent and wait for the agent to download.
-
Deploy the downloaded OVA file with the agent in your cluster on the VMs to create backups of.
-
Start the VMs with the agent.
- In the drop-down list, select a group of VMs to set up agents for, such as
Default
. - Click Next.
- Click Download Agent and wait for the agent to download.
- Unpack the archive and install the agent from the
hwragent.msi
file on the VMs to back up.
- In the drop-down list, select a group of VMs to set up agents for, such as
Default
. - Select Linux distribution type:
- CentOS/RHEL (.rpm package): CentOS or Red Hat-based.
- Debian/Ubuntu (.deb package): Ubuntu or Debian.
- Select driver install method:
- Pre-built: Install a driver binary.
- DKMS: Compile as you install.
- Click Next.
- You will get commands for installing the agent to the VM. Run these commands following the instructions for your distribution and installation method.
-
The VMs will appear in the target group of the Hystax Acura Backup control panel a few minutes after the agent is installed.
Create a VM backup
Once the agent is installed on the VMs to protect, they will appear in the list as Unprotected
.
To enable VM protection:
- Open the Hystax Acura Backup control panel. Click the Hystax logo.
- Under Machines Groups, deploy an instance group, e.g.,
Default
. - In the VM list on the right, click
. - In the** Edit replication settings** menu, set up a replication schedule for the instance group by hour, day, or week, or select continuous protection. Under Volume type, specify the drive type for VM recovery:
network-hdd
,network-ssd
, ornetwork-ssd-nonreplicated
. - In the Edit retention settings menu, set the backup retention period. For more information, see the Hystax documentation
. - Select Start Protection.
VM replication will start. A VM replica will include all the data of the original VM. Therefore, replication can take a long time (depending on the original VM's disk size). The replication status will be displayed in the Status column under Machines Groups. Once it is complete, the VMs will change their status to Protected
.
Create a disaster recovery plan
The DR plan includes a VM description and the network settings. The plan directs which VMs will be recovered to your cloud and specifies the VM configuration, subnet, and IP. You can have a plan generated automatically or create one manually:
-
Open the Hystax Acura Backup control panel. Click the Hystax logo.
-
Check the VMs you need on the list, click Bulk actions, and select Generate DR plan. You can also generate a plan for an instance group by clicking
in the group header. -
In the Name field, enter
Plan-1
. -
In the Subnets section on the right, set the parameters of the subnet to run the recovered VMs in:
- In the Subnet ID field, enter the subnet ID.
- In the CIDR field, specify the subnet's CIDR.
-
Expand the VM description and edit the Flavor name field with parameters of the VM to restore as follows:
<platform>-<cpu>-<ram>-<core_fraction>
. For example,3-8-16-100
.Where:
platform
: VM platform, such as1
,2
, or3
.cpu
: Number of vCPUs.ram
: Amount of RAM.core_fraction
: vCPU performance level.
-
In the Port ip field, enter a new IP address for the VM from the selected subnet.
-
Click Save.
-
Open the Hystax Acura Backup control panel. Click the Hystax logo.
-
Click Add DR Plan.
-
In the Name field, enter
Plan-1
. -
Under Devices & Ranks, click
. In the menu that opens, click Add machine. Select a VM group, e.g.,Default
. Select the VM to add to the DR plan. Repeat the steps for all VMs to recover. -
In the Subnets section on the right, set the parameters of the subnet to run the recovered VMs in:
- In the Subnet ID field, enter the subnet ID.
- In the CIDR field, specify the subnet's CIDR.
-
Expand the VM description and edit the Flavor name field with parameters of the VM to restore as follows:
<platform>-<cpu>-<ram>-<core_fraction>
. For example,3-8-16-100
.Where:
platform
: VM platform, such as1
,2
, or3
.cpu
: Number of vCPUs.ram
: Amount of RAM.core_fraction
: vCPU performance level.
-
In the Port ip field, enter a new IP address for the VM from the selected subnet.
-
Click Save.
Warning
Make sure a valid IP address is specified for each VM.
Run the recovery process
For a VM's recovery from a backup, Hystax Acura Backup will create a new VM with Hystax Acura Cloud Agent in your cloud. This VM will perform all operations in the cloud.
To run a VM's recovery from a backup:
-
Open the Hystax Acura Backup control panel. Click the Hystax logo.
-
Under DR plans, select the previously created plan. Expand plans and edit as required.
-
Click Run Recover.
-
In the Cloud Site Name field, enter a name, such as
Cloud-Site-from-Plan-1
. -
Check that all the required resources are listed under Final DR plan and click Run Recover.
The Hystax Acura Backup control panel will display a section named Cloud Sites. The VM recovery may take a long time. The recovery status will be displayed in the Status column under Machines. Wait until it changes to
Running
. -
Open the management console
and check that all the required resources are successfully restored.
How to delete the resources you created
To stop paying for the resources you created: