Hybrid Backup Recovery (HBR) allows you to back up the images of local VMware vSphere virtual machines and restore these images as needed. This topic describes the preparations that you need to make before backing up data.

(Recommended) Prepare an AccessKey for a RAM user

Resource Access Management (RAM) is an Alibaba Cloud service that helps you manage user identities and access to your cloud resources. You can create and manage multiple RAM users under an Alibaba Cloud account. You can grant different permissions to each RAM user. This allows RAM users to have different access permissions on Alibaba Cloud resources.

An AccessKey is required when you activate a backup client. If the AccessKey of an Alibaba Cloud account is leaked, all cloud resources under the account may be exposed to risk. Therefore, we recommend that you use the AccessKey of a RAM user to activate backup clients. Before you back up data, make sure that a RAM user is created and an AccessKey is created for the RAM user. For more information, see Create a RAM user and Create an AccessKey pair for a RAM user.

Step 1: Create a client

You can use virtual machine backup clients to back up and restore images of virtual machines. To configure a virtual machine backup client and download the client file to a server where vSphere Client is installed, follow these steps:

  1. On the server where vSphere Client is installed, log on to the HBR console.
  2. In the left-side navigation pane, choose Backup > On-Premises Backup. On the On-Premises Backup page, select VMware VM.
  3. On the page that appears, click Create Client in the upper-right corner.
  4. In the Create Client pane that appears, set parameters as required.
    The following table describes the parameters.
    Parameter Description
    Vault Name The name of the backup vault. A backup vault is a repository used by HBR to store backup data in the cloud. You can back up data from multiple backup clients to the same vault.
    • If you have created backup vaults:

      Set Backup Vault Config to Select Vault and select a backup vault from the Vault Name drop-down list.

    • If you have not created any backup vaults:

      Set Backup Vault Config to Create Vault and set Vault Name to create a backup vault. The vault name can be a maximum of 64 characters in length.

    Source Client The source of the backup client. You can select an activated client or create a client.
    Client Name The name of the backup client. The client name can be a maximum of 64 characters in length.
    Software Platform The software platform of the virtual machine from which you want to back up data. Default value: vSphere.
    Network Type
    • Virtual Private Cloud (VPC): Select this option when the virtual machine from which you want to back up data resides in a VPC and is in the same region as the backup vault.
      Note Virtual machine backup clients on the local network are connected to VPCs through routes. You can use a virtual machine backup client to access the IP addresses in the Classless Inter-Domain Routing (CIDR) blocks 100.64.0.0/10, 100.64.0.0/11, and 100.96.0.0/11 of VPCs from a local virtual machine.
    • Public Network: Select this option when VPCs are unavailable.
    Transmit Data On HTTPS Specifies whether to enable HTTPS-encrypted transmission. Your data will be encrypted and stored in a backup vault. You can choose whether to use HTTPS to transmit data based on data encryption. Note that using HTTPS will degrade the data transmission performance. If you modify this configuration, the modification takes effect when the next backup or restore job starts.
  5. Click Create. Then, click Download Client and Download Certificate.
    Note You can install a backup client and activate the client with the downloaded certificate so that you can back up data from a virtual machine to HBR. After you create a backup client, you can also find the client in the client list and download the client file and certificate at any time.

Step 2: Install the client

After you download the client file and certificate, install the backup client on a virtual machine. Then, you can use the backup client to back up and restore virtual machine images. To install the backup client, follow these steps:

  1. Log on to the vSphere Web Client.
    Note Currently, HBR supports only vCenter Server 5.5, 6.0, and 6.5.
  2. In the left-side navigation pane, right-click the target virtual machine and select Deploy OVF Template.
    Note For more information, see Deploying OVF and OVA Templates.
  3. In the Deploy OVF Template dialog box that appears, select Local file. Click Browse, select the downloaded client file, and then click Next.
  4. Enter the name of the open virtual format (OVF) or open virtual appliance (OVA) template, select a location where you want to deploy the template, and then click Next.
  5. Select a location where you want to run the deployed template and click Next.
  6. Verify the details of the template and click Next.
  7. Select the required virtual disk format, select a data store to store files for the deployed template, and then click Next.
  8. Select a destination network for each source network and click Next.
  9. Configure the required deployment properties for the software solution and click Next.
    Note Enter a routable IP address in the target VPC that you want to access. If no domain name server (DNS) for mapping domain names to VPC endpoints is available on your host, enter the server IP address of Alibaba Cloud DNS PrivateZone, such as 100.100.2.136 or 100.100.2.138.
  10. Verify the configurations and click Finish.
  11. View the progress of deployment tasks in the Recent Tasks section.
  12. After deployment tasks are completed, start the virtual machine on which the OVF or OVA template is deployed.
  13. Open a browser and enter http://hostname:8011 in the address bar.
    Note Replace hostname with the IP address of the virtual machine on which the OVF or OVA template is deployed.
  14. In the Register dialog box, set parameters as required and click Register to log on to the HBR gateway. The following table describes the parameters.
    Parameter Description
    AccessKey ID The AccessKey ID of the Resource Access Management (RAM) user used to access HBR. You can obtain the AccessKey ID and AccessKey secret of a RAM user under your Alibaba Cloud account for which HBR is activated. For more information, see Create an AccessKey for a RAM user.
    AccessKey Secret The AccessKey secret of the RAM user used to access HBR. You can obtain the AccessKey ID and AccessKey secret of a RAM user under your Alibaba Cloud account for which HBR is activated. For more information, see Create an AccessKey for a RAM user.
    Password The password used to log on to the backup client. The password must be at least six characters in length.
    Certificate The certificate that is downloaded from the HBR console. If a virtual machine is shut down for more than five days after you use the certificate to activate the client on the virtual machine, the certificate expires. In this case, you must download a new certificate and reactivate the client.

FAQ

  • Why do I fail to import an OVA template for a virtual machine?

    Currently, you can deploy an OVA template only on a vSphere Web Client that runs based on vCenter Server 5.5, 6.0, or 6.5. If an error occurs when you import an OVA template, perform the following operations for troubleshooting:

    • Check whether the version of vCenter Server is supported by HBR.
    • For vCenter Server 6.0, use Firefox of an earlier version such as 38.0 to deploy the OVA template.
    • If a message appears to remind you of a common error, we recommend that you switch the language of your browser to English and try again.
  • Why do I fail to add a vCenter Server instance to the HBR gateway when the IP address, username, and password are correct?

    If the password contains the following special characters, the vCenter Server instance may fail to be added:

    ` ^ ~ = ; ! / ( [ ] { } @ $ \ & # % +

    Note We recommend that you create a vCenter Server account with the administrator permission as a dedicated account for data backup. We also recommend that you use periods (.) as special characters in the password.