Changed block tracking (CBT) enabled
CBT must be enabled on the virtual machines that you wish to back up. Without this, Storage Protect will always perform a full backup of a virtual machine, which will consume a lot of resources for both the Storage Protect client and the Storage Protect server.
A suitable "data mover" VM
This should, ideally, be installed on the vSphere infrastructure that you are planning to back up. The below Windows x64 operating systems are currently supported:
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016*
- Windows Server 2019*
- Windows Server 2022*
* Only Long-Term Servicing Channel (LTSC) products are supported.
IBM's recommended hardware specification for the data mover VM is 16 cores (2.8 GHz) CPU with 8 GB of RAM.
Please note that for virtual environments comprising over 100TB of data, it is recommended to have one data mover for every 100TB. Please see the 'Multiple data movers' section below for more details.
Firewall configuration
When setting up Storage Protect for VMware on a data mover, several ports are used for communication between the data mover and the vCenter server or vice versa. These ports need to be open in any host-based or dedicated firewall between the two machines and are listed in this table:
Source host | Destination port | Destination host | Use | Required? |
---|---|---|---|---|
Data mover machine | 443 | vCenter server | Communication between the data mover and the vCenter server. | Yes |
Data mover machine | 902 | vCenter server | Used for NBD (Network Block Disk) transport. | If data mover machine is not a VM. |
VMs | 3260 | Data mover | Default iSCSI port. | If using iSCSI file-level restore. |
Data mover | 1500 | oxhfs1.hfs.ox.ac.uk oxhfs2.hfs.ox.ac.uk oxhfs3.hfs.ox.ac.uk oxhfs4.hfs.ox.ac.uk |
Storage Protect backup traffic. Destination host will be advised by the HFS Backup Services Team on account setup. | Yes |
Also ensure that the data mover is able to resolve the fully qualified domain name (FQDN) of the ESXi host and the vCenter server. Ping the ESXi host and vCenter server by name from the data mover and confirm it resolves the IP address.
vCenter server and backup user
Storage Protect for VMware communicates with a vCenter server to perform VM backups. The user required for this needs some elevated privileges but does not need to be a full administrator. It is recommended that you set up a new vCenter user specifically for Storage Protect backup and restore.
Please see the 'vCenter Server privileges required for the Data Protection for VMware vSphere GUI and data mover' page on the IBM support site, to find out which privileges the vCenter user will require.
Please note that access to the service is by application. Contact us at hfs@ox.ac.uk to request an account.