Protected Item types ¶
Overview ¶
Cloud Backup supports a range of different types for your Protected Item configuration, including file, application, system, and VM backup types.
"Files and Folders" items ¶
The "Files and Folders" option lets you back up files and folders on the PC.
Use the Plus button to browse files and folders for backup. You can also drag-and-drop files and folders into the Cloud Backup client to select them.
The "Choose files" dialog displays a live estimate of the selected filesize (before compression and deduplication).
Filesystem snapshots ¶
On Windows, the "Take filesystem snapshot" option creates a VSS snapshot.
This enables Cloud Backup to back up files that are currently in-use. It also provides disk-wide "crash-consistency", as all files for backup will originate from the precisely same timestamp.
Non-Windows platforms do not currently require the use of this feature to back up in-use files, however, they also do not benefit from the disk-wide consistency.
Current versions of Cloud Backup cannot take filesystem snapshots of a Protected Item located on a network share; be sure to disable the "Take filesystem snapshot" option on the Protected Item.
Windows supports taking VSS snapshots of NTFS
and
ReFS
filesystems. Cloud Backup can snapshot these
filesystems for backup.
Windows does not support taking VSS snapshots of
FAT
or exFAT
filesystems. Protected
Items backing up these filesystems must not use the "Take
filesystem snapshot" option.
This feature is enabled by default for new Protected Items.
Network shares ¶
Cloud Backup supports backing up Windows network shares (SMB / CIFS). However, you should prefer to install Cloud Backup directly on the network device; this will offer increased backup performance.
On Windows,
- The "Choose Items" dialog lets you browse through mapped network drive letters. You can also use the "Options > Browse UNC Path" option to directly browse a UNC path.
- Cloud Backup supports entering custom Windows Network Authentication credentials via the "Log in to network share" option. If you select a network share for backup, you may need to enter custom credentials in order for the service user account to access the network share.
- Because mapped network drives are private to a user session, Cloud Backup automatically converts mapped network drive letters into their UNC path equivalent, so that it can still be accessed by the service user account.
Current versions of Cloud Backup cannot take (VSS) filesystem snapshots of a Protected Item located on a network share; be sure to disable the "Take filesystem snapshot" option on the Protected Item.
On non-Windows platforms,
- You should mount the network share locally before backing it up.
Encrypted files (Windows EFS) ¶
EFS is a Windows feature that allows you to encrypt individual files on disk. Cloud Backup supports backing up EFS-encrypted files on Windows. The files will be silently decrypted if possible (e.g. if Cloud Backup is running as the encryption user, or if Cloud Backup is running as the EFS Recovery Agent user).
If it is not possible to automatically decrypt the file for backup, Cloud Backup will back up the file in its encrypted form, and will only be able to restore it in its encrypted form. EFS-encrypted files are displayed with green text in the Restore browser dialog in Cloud Backup.
If you have a PC failure, the EFS encryption keys may be lost. In this situation, the EFS-encrypted files may be unusable, even after restoring from backup. Cloud Backup warns you about this situation by adding a warning message in the backup job log.
In order to safely prepare for this scenario, you should export
the PC's EFS encryption keys, so that the files can be accessed
after a PC failure. On Windows, you can do this via
certmgr.msc
; or on Windows Server, taking a System
State backup may be sufficient.
Once you have safely backed up the PC's EFS encryption keys, you can suppress the warning in Cloud Backup by enabling the "I confirm EFS keys are exported" option in the Protected Item settings.
If you have only a partial PC failure (e.g. files lost, but OS installation and user accounts remain intact) the EFS-encrypted files will be restorable without any further attention to the EFS keys.
Finding files using EFS ¶
You can use the cipher /u /n
command to list all
files on the local PC that are EFS-encrypted.
Finding the certificate used to encrypt a file ¶
You can use the cipher /C C:\path\to\file.txt
command
to display the user accounts and certificates that are able to
decrypt a file. This may indicate which user originally encrypted
the file and/or which EFS certificates are necessary for backup.
Windows Server Deduplication ¶
Windows Server 2012 and later have a data deduplication feature that is separate- and unrelated- to Cloud Backup's own deduplication, that can be used to increase free disk space on NTFS volumes. A scanning process runs in the background to find and merge duplicate file content. By default, the scanning process runs overnight.
Deduplicated files look and behave like normal files; however, they are stored on disk in a special format, that can only be read by Windows Server (and Linux). Non-Server versions of Windows are entirely unable to read these files from disk.
When backing up deduplicated files with Cloud Backup, it backs up the full (rehydrated) file content, and then applies its own deduplication to it. This means that Windows Server deduplicated files can be safely restored to non-Server versions of Windows.
When restoring deduplicated files from Cloud Backup, the files are restored in their full (rehydrated) format, and are not re-deduplicated until Windows runs its next background scanning pass. This means that you may not have enough free disk space to completely restore a backup to the same source drive.
Exclude filters ¶
You can exclude a range of files from the backup job. An exclusion filter checks whether to exclude each file from backup, using either a glob pattern or a regular expression (regex).
There is no limit to the number of exclusion filters you can add to a single Protected Item.
Glob pattern match ¶
Cloud Backup can exclude files based on a glob pattern. Any files matching the glob pattern will be excluded from the backup job.
The expression is tested against the full disk path to the file.
Your glob expression can be a partial match (e.g.
*.txt
) or a fully anchored match (e.g.
C:\path\to\file.docx
).
Some special characters and wildcards are allowed:
-
A star (
*
) skips zero or more characters within a filename -
A double-star (
/**/
) skips any number of directory components -
A question-mark (
?
) skips a single character within a filename -
Square brackets denote a character class (e.g.
[0-9]
) within a directory or file name
Regular expression match ¶
Cloud Backup can exclude files based on a regular expression (regex). Any files matching the regular expression will be excluded from the backup job. The specific syntax flavour is that of the Go regexp library.
The regular expression is tested against the full disk path to the file. This enables filtering by path component, or (on Windows) drive letter.
By default, the regular expression is
-
case-sensitive. You can perform a case-insensitive match by
adding an
(?i)
expression -
non-anchored. You can restrict your regex to the start- or end-
of the file path by using the
^
,$
,\A
and/or\z
expressions.
Forwardslash (/
) is not a special character and does
not require escaping with \/
.
An invalid regular expression will prevent a backup job from running.
System exclusions ¶
The Cloud Backup system automatically excludes certain folders.
On Windows, Cloud Backup skips
-
The
$RECYCLE.BIN
andSystem Volume Information
directories in any drive root - The
C:\Recovery
directory -
The
C:\pagefile.sys
,C:\hiberfil.sys
, andC:\swapfile.sys
files -
The
MicrosoftEdge.exe
file-
This is intended to work around an issue with
The file cannot be accessed by the system
messages affecting Windows 1803 and later.
-
This is intended to work around an issue with
- Invalid
.DFSFolderLink
files
On Linux, Cloud Backup skips
- The
/proc
directory - The
/sys
directory - The
/selinux
directory -
The
/dev
directory (as of Cloud Backup 18.11.0)
On macOS, Cloud Backup skips
-
The
/dev
directory (as of Cloud Backup 18.11.0) -
The
/Users/.../Library/VoiceTrigger/SAT
directory (as of Cloud Backup 19.9.6)-
This is a protected
AF_DATAVAULT
directory that is inaccessible with SIP enabled (the default).
-
This is a protected
Rescan unchanged files ¶
In a regular "Files and Folders" backup, Cloud Backup will skip over files that have the same file size and modification time as the last backup job. If these properties are the same, Cloud Backup will refer to previous chunks and not re-chunk the file. This dramatically improves performance.
If you are working with certain types of files that change content without updating their modification time attribute on the filesystem - for instance, applications that use direct disk I/O instead of filesystem functions; some database data files; or VeraCrypt container files - then the above is obviously unsatisfactory for ensuring backup integrity. In this case, you can enable the "Rescan unchanged files" feature to cause Cloud Backup to chunk every encountered file. This has some performance penalty but does ensure backup integrity in the presence of such files.
"Program Output" items ¶
The "Program Output" backup type backs up the
stdout
(Standard Output) stream of any command
execution. This stream data is saved as a virtual file within the
backup job. You can choose the virtual file name.
The data is streamed directly to the backup destination and never touches the local disk. This has the consequence that no progress bar or ETA can be calculated or displayed during backup jobs.
If the target application produces any content on
stderr
(Standard Error), it will be logged in the job
report, and the final job status will not be less severe than
"Warning".
If the target application exits with a non-zero error code, the error code will be logged in the job report, and the final job status will not be less severe than "Error".
"Microsoft Exchange Server" items ¶
Using this Protected Item type may incur a Booster charge.
This Protected Item type backs up Microsoft Exchange Server
databases. The underlying technology is VSS
and is
compatible with Microsoft Exchange Server 2007 and later,
including Exchange Server 2016 (the latest version at the time of
writing).
The appropriate VSS writer must be installed.
As Exchange Server can only be installed on Server SKUs of Windows, this backup type is only applicable when running on Windows Server.
Some forms of Exchange Server backup will cause log truncation to occur on the Exchange Server. For more information, please see the official Exchange Server documentation. If circular logging is enabled on the Exchange Server, the 'Incremental' and 'Differential' backup types have limited effect.
Exchange Server 2007 ¶
By default, Exchange 2007 does not enable the VSS writer. The VSS writer may have been enabled by another backup system installed on the PC.
If you encounter error messages like
Couldn't find Exchange Server installation on this device
or Failed to perform VSS snapshot
on a machine
running Exchange 2007, the Exchange VSS writer
(MSExchangeIS
) may not be enabled.
-
You can confirm whether this is the case by checking for
Microsoft Exchange Writer
in the output ofvssadmin list writers
, or, in the Browse dialog for a new "Application Aware Writer" Protected Item.
You can manually activate the Exchange VSS writer by making the following steps:
-
Open
regedit
and navigate toHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
-
Change the
Disable Exchange Writer
value from1
to0
-
Restart the
Microsoft Exchange Information Store
service
For more information on this issue, please see Microsoft's own documentation at http://support.microsoft.com/kb/838183/en-us .
Restore ¶
The Cloud Backup snapshot of Exchange Server includes the
*.edb
file, the
*.log
/*.stm
/*.chk
files,
and/or other files.
To restore data, you can either
- reinstate the Information Store files directly as a whole. This approach is suitable in a disaster recovery situation; or
- recover individual items. This allows you to access individual mailboxes and messages without affecting the existing mounted database. This approach is suitable if you only need to access some small parts of past data that has since been deleted or corrupted, without affecting the current running Exchange Server state.
Full EDB Recovery ¶
One option for restoring the Exchange EDB is to replace the full EDB file.
You can replace the EDB and log files on the Exchange Server with the restored versions. This approach is suitable for disaster recovery.
In the Exchange Server console:
- Dismount the existing Exchange Server Store
-
Replace files on disk with the restored copies.
-
The path must match the original copy because the
transaction log files include an embedded path to the
*.edb
/*.stm
files. If the EDB file was backed up from a different disk location, you should first use the "Move database" feature to update Exchange Server to look for the database files in their original location. For more information, see this Microsoft article.
-
The path must match the original copy because the
transaction log files include an embedded path to the
- Mount the Exchange Server Store
Recovery Database mode ¶
Another option for restoring the Exchange EDB is to mount it as a recovery database (RDB).
Once mounted, you can attach Outlook to the recovery database, or
use the New-MailboxRestoreRequest
PowerShell command
to extract a PST mailbox.
For more information, see this Microsoft article.
Extract EDB contents ¶
Another option for restoring the Exchange EDB is to use a third-party application to extract content.
Third-party applications can read the content of the EDB file to extract individual messages, contacts, or other mailbox items.
At the time of writing, the following programs were available:
- Stellar products, including but not limited to Stellar Converter for EDB, Stellar Repair for Exchange, Stellar Toolkit for Exchange
- Quest Recovery Manager for Exchange
- Kernel Exchange EDB Viewer
- Systools Exchange EDB Viewer
"Microsoft Hyper-V" items ¶
Using this Protected Item type may incur a per-hypervisor Booster charge.
This Protected Item type backs up Microsoft Hyper-V virtual
machines. The underlying technology is VSS
and is
compatible with all versions of Hyper-V running on Windows Server,
including Windows Server 2016 (the latest version at the time of
writing).
This backup type is only applicable when running on Windows Server. Hyper-V on Windows Desktop is not supported by this Protected item type.
Cloud Backup integrates with the Hyper-V VSS writer to perform a Hyper-V backup snapshot, including support for in-VM quiescence on supported guest operating systems.
Backing up a Hyper-V virtual machine with Cloud Backup includes, but is not limited to:
- its configuration file
- all attached virtual drives
- the contents of memory (if the machine was running)
- the full tree of saved checkpoints
You can select individual virtual machines for backup, or choose "All virtual machines".
Consistency and guest additions ¶
The following information applies to all products that perform Hyper-V backup.
When backing up a guest VM, it's important to get a consistent state of the VM. There are some different ways this happens.
If the guest OS has all necessary Hyper-V integration services installed, then the host can request for the guest VM to take a VSS snapshot. The snapshot is then exposed to Hyper-V on the host for Cloud Backup to back up. It shouldn't interrupt the guest OS. The VM backup is application-consistent. This is known as a "Production checkpoint".
If the host OS is running Server 2012 R2 or newer, but there are no integration services inside the guest OS, then Hyper-V will take a checkpoint of the VM; Cloud Backup will back up the checkpoint; and then the checkpoint will be removed. This kind of checkpoint does not interrupt the guest OS. The VM backup is crash-consistent. This is known as a "Standard checkpoint".
- You can also achieve this behavior by disabling "Production checkpoints" in the Hyper-V settings for the VM.
If the host OS is older than Server 2012 R2, and there are no integration services inside the guest OS, then the VM will be paused; Windows will take a VSS snapshot of Hyper-V's files in paused state; the VM will be resumed and Cloud Backup will back up from the VSS snapshot. It would cause a short interruption to the guest OS. The VM backup is crash-consistent.
- You can also achieve this behavior by disabling checkpoints in the Hyper-V settings for the VM.
Replica VM ¶
The following information applies to all products that perform Hyper-V backup.
If you are using Hyper-V replication, you can back up your virtual machines from either the primary or replica host.
A backup taken on the primary VM host is application-consistent (if possible), by quiescing a VSS snapshot inside the VM guest; or crash-consistent otherwise. However, a backup taken on the secondary VM host is only ever crash-consistent, because the replica VM is not running in order for guest integration services to take a VSS snapshot.
Current versions of Hyper-V do not allow backing up a VM that is
currently replicating. If a VM is found to be currently
replicating at the time of backup, Cloud Backup will retry the
operation a few times. If you repeatedly see errors of the form
The virtual machine '...' cannot start a backup operation
because it is currently executing a conflicting operation. Try
the backup again.
, and you are running backups from the replica VM host, you could
consider
- scheduling the backup job to run at a time when it's more likely that the VM replication is up-to-date; or
- using Before / After commands in Cloud Backup to temporarily stop VM replication while the backup job is running.
For more information about backing up a replica VM, see https://blogs.technet.microsoft.com/virtualization/2014/04/24/backup-of-a-replica-vm/
Pass-through disks ¶
The following information applies to all products that perform Hyper-V backup.
Hyper-V supports passthrough disks, to attach a physical disk from the host directly into the guest VM. This unmounts it from the host OS.
Hyper-V itself does not support backing up passthrough disks (nor does it support replicating them). A Hyper-V backup of the guest machines can be taken from the host, but does not include any data from passthrough disks.
You can work around this issue by either
- installing Cloud Backup inside the guest VM, and backing up the extra data at a file level (this will use an extra Device license); or
-
changing your passthrough disks to be a real disk containing a
large
.vhd
or.vhdx
file. The "New Virtual Disk Wizard" in Hyper-V Manager has an option to convert an existing disk to a.vhd
or.vhdx
file.
For more information about backing up passthrough disks in Hyper-V, see https://blogs.technet.microsoft.com/virtualization/2009/03/03/working-around-the-pass-through-limitations-of-the-hyper-v-vss-writer/
"Microsoft SQL Server" items ¶
Using this Protected Item type may incur a Booster charge.
This Protected Item type backs up a Microsoft SQL Server database.
The underlying technology is VDI
and is compatible
with SQL Server 2005 and later, including SQL Server 2019 (the
latest version at the time of writing).
No data is spooled to the local disk. As per the "Program Output" type, no progress bar or ETA appears during a Microsoft SQL Server backup.
Databases are backed up one-at-a-time. If you require point-in-time consistency across multiple databases, please use the "Application-Aware Writer" option instead.
Connection details ¶
Connection details should be supplied before selecting databases. Cloud Backup will only connect to SQL Server running on the local machine. You must enter the instance name, or leave the field blank to use the default instance.
Address ¶
The address is always localhost
, but Cloud Backup
does not use TCP addresses or TCP ports to connect to SQL Server
instances. Cloud Backup uses "Shared Memory" to connect
to SQL Server instances.
Cloud Backup's use of "Shared Memory" connection does improves performance for some operations, at the expense of only working on the local machine; but Cloud Backup's use of VDI requires it to run against the local machine anyway.
If you encounter issues connecting to your SQL Server, you must ensure that "Shared Memory protocol" is enabled in SQL Server Configuration Manager.
Driver ¶
OLE DB
and ODBC
are data access methods
that use pluggable "drivers" / "providers" for
connecting to databases like SQL Server. The following drivers for
OLE DB
/ ODBC
support SQL Server:
Driver | TLS 1.2 Support | Notes |
---|---|---|
MSOLEDBSQL |
Yes | Included with SQL Server 2016 and 2017; Optional download from https://www.microsoft.com/en-us/download/details.aspx?id=56730 |
SQLNCLI11 |
Yes | Included with SQL Server 2012 and 2014; Optional download from https://www.microsoft.com/en-us/download/details.aspx?id=50402 |
SQLNCLI10 |
No | Included with SQL Server 2008 |
SQLNCLI |
No | Included with SQL Server 2005 |
SQLOLEDB |
No | Included with SQL Server (all versions); Included with Windows since XP / Server 2003 |
Cloud Backup has been upgraded over time to support trying additional drivers:
Cloud Backup Version | Preferred driver | Fallback driver(s) |
---|---|---|
>= 18.9.6, >= 18.8.6 | MSOLEDBSQL |
SQLNCLI11 , SQLOLEDB |
18.9.5 | MSOLEDBSQL |
SQLOLEDB |
18.9.4, 18.8.5 and older | SQLOLEDB |
None |
You can list your installed drivers
-
for
ODBC
, via theodbcad32.exe
program > "Drivers" tab; or -
for
OLE DB
, via this PowerShell snippet.
Authentication ¶
Cloud Backup allows you to connect to SQL Server using either
Windows authentication (running as the backup service account -
usually
NT SERVICE\backup.delegate
or SYSTEM
),
or native SQL Server authentication.
-
If you are using Windows Authentication, the connection occurs
as the backup service account.
-
You can assign this Windows user account to have
sysadmin
rights within SQL Server.
-
You can assign this Windows user account to have
- If you are using SQL Server authentication, you must enter a valid username and password to connect to SQL Server.
Impersonation is not currently available for Windows authentication. Future versions of Cloud Backup will support impersonation for Windows authentication.
Multiple instances ¶
Cloud Backup supports backing up multiple instances from SQL Server. You can select an instance for backup, by entering the instance name in the "Instance Name" field. Leave this field blank to use the default instance.
Cloud Backup automatically lists available instances for selection in the drop-down menu.
A future version of Cloud Backup will make the instance dropdown list available for remote administration in Cloud Backup Server.
Backup mode ¶
By default, Cloud Backup opts to make a full database export from SQL Server, and then uses its own deduplication system to optimise the stored/uploaded data.
This is the "Full (copy only)" option. It is equivalent
to the BACKUP WITH COPY_ONLY
T-SQL statement.
Because Cloud Backup can efficiently deduplicate full image backups, it is normally sufficient to only take full backups of SQL Server in Cloud Backup.
Base images ¶
You have the option to use SQL Server's own differential/log backup system. This may be more efficient, but it does require additional administrative work, and complicates the process of restoring data.
The SQL Server maintains one single point-in-time reference, from which it can produce differential backups and/or log-based backups. When you take a new "Full (base image)" backup, the point-in-time reference is moved forward, so that any future differential and/or log-based backups are based on the last base-image backup.
To use SQL Server's own differential/log backup system, you must create multiple Protected Items (each with a different schedule) in order to capture both a base image and a differential/log backups. By creating multiple Protected Items, you can individually schedule, report-on, and manage retention policies for both base and differential/log backups.
If you are using Cloud Backup alongside another product for SQL server backups, you should ensure that only one product is taking base-image backups. Otherwise, it's possible that a chain of differential/log backups would be incomplete.
Differential ¶
Cloud Backup can use SQL Server's own systems for differential
backup. In this mode, you can regularly make "differential
base" backups, and then a series of small "differential
increment" backups, each containing the difference from the
last base backup. These operations are equivalent to the
BACKUP
and
BACKUP WITH DIFFERENTIAL
T-SQL statements
respectively. Cloud Backup will still deduplicate multiple base
backups that are sent to the same Storage Vault.
This is the "Differential increment" option.
Log ¶
You can opt to use SQL Server's own systems for log backup. In this mode, you must periodically take full (base image) backups, and regularly take log backups.
You have the choice of whether to apply log truncation. These
operations are equivalent to the BACKUP LOG
and
BACKUP LOG WITH NO_TRUNCATE
T-SQL statements
respectively. Cloud Backup will still deduplicate all data that is
sent to the same Storage Vault.
To use SQL Server's own log system, you must create multiple Protected Items (each with a different schedule) in order to capture both full and log backups.
This mode requires that the database Recovery Model is set to "Full" or "Bulk Logged" in SQL Server. For more information, please see https://msdn.microsoft.com/en-us/library/ms189275.aspx .
Recommendations ¶
In general, we would recommend using the default "Full" backup technique.
SQL Server's native differential/log systems may be used if you experience performance issues with the default mode, however, you must ensure that
- No other backup systems are resetting the last base backup;
- Whenever the differential/log backs up successfully, that the base has also recently backed up successfully;
- Base backups are performed regularly to minimise differential overhead; and
- Retention is carefully managed to ensure that recovery is possible
Alternative ways to back up Microsoft SQL Server ¶
You can use the "Application-Aware Writer" type to back up SQL Server using the VSS Writer. Compared to Cloud Backup's standard VDI approach, this option enables more detailed progress information, and can take a consistent point-in-time snapshot of multiple databases at once; but offers more limited control over SQL Server features such as log truncation. The resulting files also must be restored in a different way.
You can use Cloud Backup's "Commands" feature to call
osql
/sqlcmd
to run a T-SQL
BACKUP
statement against the database, and then back
up the resulting spooled file with the "Files and
Folders" type. This option requires more temporary disk space
than the built-in system above.
You can use the "Files and Folders" type to back up individual database files if the "Take filesystem snapshot" option is selected. However, the "Files and Folders" backup type does not invoke SQL Server's VSS writer, so this would (at best) produce a "crash-consistent" backup and is not recommended.
"MySQL" items ¶
This Protected Item type backs up a MySQL database. It is also compatible with MySQL-compatible servers such as MariaDB and Percona Server. It works at the logical (SQL) level.
No data is spooled to the local disk. As per the "Program Output" type, no progress bar or ETA appears during a MySQL backup.
Databases are backed up one-at-a-time. Point-in-time consistency is only preserved on a per-database basis.
Connection details ¶
Connection details should be supplied before selecting databases. Fill in the fields at the bottom of the dialog window.
Selecting databases ¶
Use the plus button on the right to open a database browser, allowing you to select individual databases for backup. Use the dropdown-plus button to add a custom property.
Custom mysqldump ¶
MySQL support works at the logical (SQL) level using
mysqldump
. A copy of this program must be found on
the device in order for the backup job to run.
The mysqldump
binary is selected as follows:
-
If a custom path to
mysqldump
has been set, this binary is used. -
Otherwise, if there is a version of
mysqldump
installed (e.g. you are backing up a MySQL server from the server itself), the local version ofmysqldump
will be used to ensure maximum compatibility. -
Otherwise, if no copy of
mysqldump
can be found, the Windows version of Cloud Backup bundles a recentmysqldump
binary in compliance with its license. -
If no suitable
mysqldump
binary is found, the MySQL backup job will fail with an error messageCouldn't find 'mysqldump' anywhere
. This failure can be detected via the backup job's status or its log entries.
On Linux, you can install a copy of mysqldump
as
follows:
Distro | Command |
---|---|
Debian, Ubuntu | apt-get install mysql-client |
CentOS, RHEL | yum install mysql |
System databases ¶
Cloud Backup supports backing up the built-in system databases if desired.
-
The
mysql
database contains server configuration, including user accounts and grants. It should only be restored to the same major release of MySQL. -
The
information_schema
database is a set of read-only views and does not need to be restored. -
The
performance_schema
database is a set of aggregated statistics and does not need to be restored. -
The
sys
database (in MySQL 5.7.7 and higher) is a set of performance statistics and does not need to be restored. If your version of MySQL does not successfully back up this table, it is safe to exclude it from the backup settings.
Isolation modes ¶
Cloud Backup allows you to select the isolation mode used when reading data from MySQL. You should select the most appropriate isolation mode for your MySQL engine type.
The following options are available:
Isolation Mode | InnoDB | MyISAM | Detail |
---|---|---|---|
Transaction | Consistent | Inconsistent | Wrap all read access in a single transaction, so that the read data is consistent |
Lock tables (default) | Consistent, but slow | Consistent, but slow |
Lock access to database before reading it, so that the read
data is consistent. This requires that the MySQL user
account has been granted the
LOCK TABLES permission
|
None | Inconsistent | Inconsistent | Do not take a transaction and do not lock tables. |
"MongoDB" items ¶
Using this Protected Item type may incur a Booster charge.
MongoDB is a general purpose NoSQL database developed by MongoDB, Inc.
MongoDB databases are supported as a Protected Item type.
No temporary disk space is required: database content is streamed directly from the MongoDB server into Cloud Backup's chunking deduplication engine without requiring any temporary disk space. All backup jobs require only incremental storage using Cloud Backup's chunking technology.
Backing up data from your MongoDB server will cause some additional load on the MongoDB server for the duration of the backup job.
Version support ¶
The underlying technology is mongodump
. Cloud Backup
will use your system installed mongodump
version for
best compatibility with the exact feature set of your MongoDB
server. This is the officially supported mechanism for backing up
a MongoDB database.
This technology is also compatible with MongoDB forks, variants and cloud services, including but not limited to
-
Self-hosted MongoDB server software
- MongoDB Community Server
- MongoDB Enterprise Server
- TokuMX / Percona Server for Mongo
- Cloud hosted MongoDB services (SaaS)
Cloud Backup will search the PC for the system installed
mongodump
and mongo
shell binaries. If
your binaries are installed in a normal system location, Cloud
Backup will find and use the most recent available binary. If you
have special requirements, or if Cloud Backup is unable to
automatically detect the binary path, you can override the binary
path to use a custom mongodump
and
mongo
shell binary.
Connection details ¶
Connection details should be set before picking databases for backup. Enter your MongoDB connection details in the lower part of the window.
Cloud Backup supports connecting to MongoDB in different ways:
-
Direct connection
-
Enter a hostname and port for the MongoDB server (
mongod
/mongos
). The default port is 27017.
-
Enter a hostname and port for the MongoDB server (
-
Direct connection through SSH tunnel
-
Cloud Backup will open an SSH tunnel to the remote server,
and then run the locally installed
mongodump
binary against the forwarded port connection. The use of SSH as a transport layer is independent of whether SSL is also enabled (described below).
-
Cloud Backup will open an SSH tunnel to the remote server,
and then run the locally installed
-
Replica set
-
You must specify the name of the replica set (e.g.
rs0
) - Add the hostname and port for each of the replica set members that are reachable from the Cloud Backup device.
-
When using Replica Set connection in Cloud Backup, Cloud
Backup will only read data from one of the members. You can
use the "read preference" option to choose which
MongoDB server Cloud Backup will prefer to back up from.
-
Primary
- Cloud Backup will attempt to back up from the primary. If the primary server is unreachable, the backup job will fail.
-
Primary preferred
- Cloud Backup will attempt to back up from the primary, but will back up from the secondary if the primary is unreachable.
-
Secondary
- Cloud Backup will attempt to back up from the secondary. If the secondary server is unreachable, the backup job will fail.
-
Secondary preferred
- Cloud Backup will attempt to back up from the secondary, but will back up from the primary if the secondary is unreachable.
-
Nearest
- This option will back up data from the server in the replica set that has the lowest latency (ping) to the Cloud Backup device.
-
Primary
-
You must specify the name of the replica set (e.g.
Cloud Backup supports the following transport layers:
- Plain
-
SSL (TLS)
- If your MongoDB server is using self-signed certificates, you can choose whether to trust an invalid SSL certificate from the MongoDB server.
Authentication ¶
Cloud Backup supports the following authentication mechanisms:
- Unauthenticated
-
Username/password (
SCRAM
)-
You must specify the authentication database for looking up
the credentials inside MongoDB. The default authentication
database is
admin
.
-
You must specify the authentication database for looking up
the credentials inside MongoDB. The default authentication
database is
-
Client certificates (
MONGODB-X509
)- This option is only available if the MongoDB server connection is going over an SSL (TLS) transport layer.
-
To use this feature, you should have a
.pem
file that contains the client SSL (TLS) certificate, intermediates, and private key in textX.509
format. - A private key password is optionally supported.
Other authentication mechanisms are not currently supported in Cloud Backup (e.g. neither Kerberos / LDAP when using MongoDB Enterprise; nor, custom authentication mechanisms used by MongoDB software variants).
Sharding ¶
Cloud Backup can backup a MongoDB replica set with a consistent point-in-time snapshot.
Cloud Backup can back up a sharded MongoDB cluster, but depending on your MongoDB server version, there are some limitations:
- In MongoDB 4.2 and later, the backup may not be point-in-time consistent, unless writes are temporarily suspended to the MongoDB cluster (e.g. by running custom Before and After commands on the Cloud Backup Protected Item configuration).
- If you are using a variant MongoDB engine (e.g. Amazon DocumentDB or Azure CosmosDB), different consistency guarantees may apply to sharded backups. You should check with your vendor for additional information.
To back up a sharded cluster in Cloud Backup, enter the
mongos
front-end server in the Cloud Backup
connection details.
When backing up from a mongos
server, Cloud Backup
cannot make use of the "read preference" selection as
data is proxied through mongos
. The backup will read
from the primary replica set member of each shard replica set.
Selecting databases ¶
Use the plus button on the right to open a database browser, allowing you to select individual MongoDB databases for backup.
Cloud Backup will back up all MongoDB collections within the selected MongoDB databases.
Restore ¶
Cloud Backup's MongoDB Protected Item type produces a
.bson
file for each selected MongoDB database. You
can restore all databases, or selected databases only.
When restoring, you can choose to either
-
restore back to a
.bson
files on disk, and then import them into your MongoDB server; or - you can use the Program Input restore type to pipe the restore data directly back into your MongoDB server
"Windows Server System State" items ¶
Cloud Backup integrates with Windows Server System State to
support backing up System State .vhd
files using the
wbadmin
technology. This feature is only available on
certain versions of Windows Server with the "Server Backup
Role" feature enabled.
A Windows Server System State backup may include Active Directory, boot files, the COM+ registration, the system Registry hive, and/or other system files.
A local path must be used for spooling temporary data. Spooled temporary data will be removed once the backup job completes. The selected path
- must be a bare root drive, and
- must support VSS, and
- must have at minimum 10GB free space, and
-
on Server 2008 and Server 2008 R2, must not reside on a
"critical" volume
- You can work around this issue by applying the registry change in Microsoft KB944530.
-
must appear to Windows as fixed, not removable - regardless of
whether it is physically an internal or external drive
- You can work around this issue for a removable drive by sharing a folder on the drive, and setting its UNC path as the spool directory.
For more information about Windows Server System State backups, please see
- Backing Up System State Data https://technet.microsoft.com/en-us/library/cc938537.aspx
- Wbadmin https://technet.microsoft.com/en-us/library/cc742124(v=ws.11).aspx
Restoring ¶
Once you restore the .vhd
file with Cloud Backup, you
can use the wbadmin start systemstaterecovery
command
to apply a System State .vhd
backup to an installed
copy of Windows Server.
Alternative ways of backing up System State ¶
Note that because wbadmin
is used, spool space is
required. As an alternative, you can back up System State by using
the "Application-Aware Writer" Protected Item type. This
produces a similar result, but
- no spool space is required; and
-
the files are not collected in a
.vhd
file. This may produce better deduplication at the expense of missing bootloader files.
"Windows System Backup" items ¶
Cloud Backup integrates with Windows System Backup to support
backing up entire system volumes as .vhd
/
.vhdx
files using the
wbadmin
technology.
Choose volumes to back up, and/or choose "all critical volumes".
-
You can choose a volume by its drive letter (e.g.
C:\
), or by a qualified Windows volume reference for volumes without a drive letter (see the output offsutil volume list
).
A local path must be used for spooling temporary data. Spooled temporary data will be removed once the backup job completes. The selected spool path
- must be a bare root drive, and
- must not be included as one of the selected volumes, and
-
must appear to Windows as fixed, not removable - regardless of
whether it is physically an internal or external drive
- You can work around this issue for a removable drive by sharing a folder on the drive, and setting its UNC path as the spool directory.
Restoring (Data drive) ¶
Once you restore the .vhd
file with Cloud Backup, it
can be mounted in Windows, or it can be browsed (e.g. in 7-Zip),
or it can be attached to a virtual machine, or it can be written
out to a physical volume. This will allow you to access and
extract individual files and folders within the backup.
Restoring (Bootable Operating System) ¶
If you included the OS drive in the backup, it is possible to restore the OS to a bootable state, provided some additional conditions are met:
The following method of restoring the OS requires that you included the "System Reserved" partition in the backup job; either by manually including the volume, or by choosing "All Critical Volumes" in the volume selection.
If you do not include the "System Reserved" partition in
the backup job, the resulting .vhd
/
.vhdx
is a data-only file. In that situation you may
need to manually recreate an NTLDR bootloader (using the
bootsect
and bcdedit
commands) before
the machine can be booted.
If you are backing up a machine that booted via EFI, you may also need to backup and restore the EFI System Partition (ESP).
Note that Windows OS installations do specialize themselves for
the current hardware, and backup images are not automatically
pre-prepared for hardware independence. An operating system image
may only boot on identical- or highly-similar hardware. This issue
originates from the wbadmin
"Windows System
Backup" technology and is not specific to Cloud Backup's
implementation. You may find more information online.
Using Windows Recovery ¶
Once you restore the .vhd
/
.vhdx
file(s) with Cloud Backup, you can boot into
either Windows Recovery or the Windows install media, and choose
the "System Image Recovery" option.
It may be mandatory to keep the files in the
WindowsImageBackup
subdirectory on the root drive, in
order for the "System Image Recovery" GUI to find the
files. "System Image Recovery" is only able to restore a
system image if the backup included the "System
Reserved" partition.
-
In this dialog, you can click the "Select a system image" option to find the
.vhd
/.vhdx
file, so that Windows can write it back to your physical disk. -
More information is available online, including a visual walkthrough:
- Windows 10 / Server 2016: via answers.microsoft.com
- Windows Vista / Server 2008: via dell.com
-
Later versions of the Windows install media are able to recover vhd files of older versions of Windows, and may have better driver support. For instance, if you experience problems recovering a
.vhd
file using the Server 2008 install media, consider trying with install media from a newer version of windows.
Using wbadmin ¶
You can use the wbadmin start recovery
or
wbadmin start sysrecovery
commands to restore the OS
without using the Windows "System Image Recovery" GUI.
Using qemu-img ¶
The .vhd
file can be manually written out to a
physical volume using qemu-img
(e.g.
qemu-img convert -f vpc image.vhd /dev/sda
) or any
similar tool.
Using the hypervisor ¶
The .vhd
file can be attached to a virtual machine
and booted as-is.
Alternative ways of backing up Windows System Backup ¶
Note that because wbadmin
is used, spool space is
required. It may be preferable to use the "Files and
Folders" backup type instead, that does not require spool
space. However, backing up a Windows OS installation in this way
does not result in a bootable image.
"Application-Aware Writer" items ¶
Using this Protected Item type may incur a Booster charge.
About ¶
VSS is a technology for taking a consistent point-in-time snapshot of a disk volume. A VSS Writer is an extra software plugin that detects when this action is taking place and ensures that application-specific files are in a safe state on disk. Cloud Backup's "Application-Aware Writer" feature allows you to invoke a single VSS Writer, or a sub-component of a single VSS Writer, and back up only the files that it was protecting.
This is also an important third-party integration point for application vendors. If your third-party application includes a VSS Writer, you can use this Protected Item type to back it up using Cloud Backup.
Some products that can be backed up with this Protected Item type are:
- Oracle DB;
- MailStore Server;
- Microsoft Dynamics CRM;
- Microsoft Sharepoint;
- Pervasive PSQL;
- other products natively supported by Cloud Backup, including Microsoft Exchange Server, Microsoft Hyper-V, and Microsoft SQL Server;
- and other products.
NOTE: This Protected Item type is intended for integration with specific custom applications. If you want to back up normal files with a VSS snapshot, use the "Files and Folders" Protected Item type with the "take filesystem snapshot" option enabled.
Selecting components ¶
In Cloud Backup, click the Edit button (pencil icon) to browse the available VSS Writers installed on your device.
You can select the top-most checkbox to include all components within the VSS Writer, or you can select individual components within the VSS Writer. For instance, the Microsoft SQL Server VSS Writer allows you to select individual databases for backup.
The VSS Writer itself may mark some components as non-selectable. This is shown in Cloud Backup as a grey subcomponent without a checkbox.
VSS Mode ¶
You can perform the operation in "VSS Full", "VSS Copy", "VSS Incremental", or "VSS Differential" modes. If a specific VSS Writer does not support the selected backup mode, it will perform the backup in "Full" mode.
The actual behavior of these modes is specific to each VSS Writer. For more information, consult the documentation for your VSS Writer.
Backing up Oracle Database ¶
Cloud Backup can back up the contents of any installed VSS Writer using the "Application Aware Writer" option. Oracle Database officially supports backup via its installed VSS Writer.
You may need to install the Oracle VSS Writer separately. It is available with Oracle Database 11g and later (including 12c and 18c); newer versions of the Oracle VSS Writer can be installed separately to back up a 10g or 9i database.
You should use the "Application Aware Writer" option and
select the Oracle VSS Writer - ORCL
component. Inside
this option, you can select individual tablespaces for backup, or
select the entire component.
The Oracle VSS Writer reads the database with
SYSDBA
privileges.
The Oracle VSS Writer supports log, copy, full, differential, and incremental backups:
- if you take "full" or "copy" backups at the VSS component, Cloud Backup will deduplicate them together, producing its own incremental backups
- if you take "incremental" backups at the VSS component, it may be slightly more space-efficient than Cloud Backup's incremental system as Oracle has more specific understanding of the file formats. However, when restoring, you must take care to restore the full backup and all incremental/log backups too, that adds complexity.
More information about the Oracle VSS Writer is available in Oracle's documentation.