Amazon, through its VMware Cloud on AWC (VMC) service enables organizations to run VMware in Amazon AWS. Organizations can use the service for disaster recovery or to migrate applications to the cloud. The transfer between on-premises and VMC is seamless and applications run in the service without modification. However, simply running in Amazon’s cloud does not protect these applications. Organizations need to take steps to make sure they have a reliable point in time backup strategy. The problem is that many current backup solutions won’t work or don’t work optimally with VMC.
Why Protect Amazon VMC
Amazon AWS, like any cloud provider, does an excellent job of protecting its environment from a disaster. The provider’s focus on big events like loss of server, loss of racks and loss of data centers helps ensure system availability but does nothing to protect individual applications from point-in-time corruption, deletions or other failures.
Amazon AWS, and most cloud providers, don’t protect against Johnny accidentally deleting or renaming a file or a database becoming corrupt because of application updates. They also don’t protect against a cyberattack like ransomware. If someone compromises the VMC environment, it results in the same disastrous consequences as if it occurred to an on-premises instance of VMware.
How to Protect Amazon VMC
A VMware service or add-on product that does not run within a VM must carefully adhere to VMware APIs in order to run correctly in Amazon’s VMC. In the case of backup, if the data protection application requires the installation of its software on each physical VMware server, then it is unlikely the software will run in Amazon’s cloud.
A second challenge becomes obvious when trying to decide on a target for backup data. Almost all data protection applications running in VMC require that the organization send their backups back to an on-premises copy of VMware. In the DR use case of VMC, sending backups back to on-premises systems may be impossible because the original data center may no longer exist. In the migration to the cloud use case, the organization may be phasing out the on-premises data center. In both cases forcing the sending of backups out of the Amazon cloud means re-establishing a link, and continuing to invest in on-premises infrastructure.
A third challenge facing backup application vendors is how to utilize fully the Amazon AWS resources that are now at their disposal. In most cases, backup software wasn’t designed to run across multiple compute instances like a typical cloud application. Scaling becomes particularly important in the VMC use case. Once presented with virtually unlimited storage and compute, organizations will consume those resources and rapidly grow their environment. Making sure the backup application keeps pace with that growth is critical.
Most backup applications, if they can use Amazon storage to protect VMC, can only use the current tier to store data. In VMC’s case that tier is Amazon EBS storage, its most expensive storage offering. Amazon has several tiers available and the ability to leverage these tiers can drive down backup storage costs considerably.
What to Look For
Migration to the cloud requires a true cloud data protection application. The application needs the ability to store data in another region in the cloud, as well as the ability to store data on multiple cloud storage tiers based on use case. It also should leverage cloud compute so it can scale to keep up with the organization’s scaling application infrastructure.
To learn more about protecting VMware running in Amazon’s AWS cloud as well as other reasons that VMware backups break, watch our on demand webinar “What’s Breaking Your VMware Backups? And How to Fix Them Quickly“.