Home > Integrated Products > VxBlock 1000 and 3-Tier Platform Reference Architectures > Guides > 3-Tier Platform Design Guide > Data protection backup systems
Dell Technologies recommends using the components shown in the following table to provide data protection backup for the 3-Tier platform. Integrate these components directly within the 3-Tier platform to protect its workloads. By doing so, you can isolate the backup traffic and contain it within the 3-Tier platform, preventing the traffic from moving to and from the external core network.
Product | Component |
PowerProtect Data Manager |
|
PowerProtect Data Domain |
|
Proper sizing of a data protection backup system for a 3-Tier Platform requires an understanding of the workloads, the amount of front-end data to be protected, the available backup window as well as the required Recovery Time Objective (RTO) and Recovery Point Objective (RPO). Proper sizing also includes current backup requirements with a plan to seamlessly scale up to meet the capacity requirements for three to five years. Selecting the right components requires the use of appropriate sizing tools and assistance from an experienced Dell Technologies data protection professional.
PowerProtect Data Manager software is an enterprise backup solution that provides software-defined data protection, deduplication, operational agility, self-service, and IT governance.
PowerProtect Data Manager key features include:
PowerProtect Data Manager integrates multiple data protection products within the Dell Technologies Data Protection portfolio to enable data protection as a service, providing the following benefits:
PowerProtect Data Manager deploys as a VM from an OVA in a VMware vSphere environment, and stores all backups and data on a PowerProtect Data Domain. The Data Domain Boost (DD Boost) protocol provides advanced integration with backup and enterprise applications for increased performance. DD Boost distributes parts of the deduplication process to the backup server or application clients, enabling client-side deduplication for faster and more efficient backup and recovery.
PowerProtect Data Manager appliance provides the following features for Converged Systems:
For scalability information about the number of vCenter servers, external VM Direct Engines, PowerProtect Data Domain systems, VMs supported per PowerProtect Data Manager server, and limits for network latency, see the latest PowerProtect Data Manager Deployment Guide.
See the latest PowerProtect Data Manager Deployment Guide for information about resource requirements such as vCPUs, RAM, Storage, and vNICs for:
When configuring PowerProtect Data Manager, do not use an IP address in the 172.24.0.192 /26 subnet. IP addresses from 172.24.0.192 through 172.24.0.255 are reserved for the private Docker network.
The following tables shows the targeted performance and scalability numbers for the PowerProtect Data Manager software:
Table 88. Target performance and scalability metrics
Components | Test limits |
VMware Crash/App consistent | 10,000 assets |
VMware App Aware | 10,000 DBs (400VM x 25 DB) |
ADM-SQL Application Direct | 2,500 assets (50 Hosts x 50 DB) |
ADM-Oracle Application Direct | 200 assets (40 Hosts x 5 DB) |
File System | 1,000 FS with 40 million files |
Blended Scale/Jobs per day | 100K jobs (including vProxy, ADM, and FS assets) |
Number of vCenter Servers supported with a single PowerProtect Data Manager server | 12 |
Number of external VM Direct engines supported with a single PowerProtect Data Manager server | 40 |
Number of DD systems supported per PowerProtect Data Manager server | 10 |
Number of concurrent NBD + Preferred Hot Add backups per ESXi host | 48 |
Concurrent VMDK backups per vCenter Server | 180 (recommended count) |
Number of proxies per vCenter Server | 25 (7 recommended) |
Number of files/directories per file level recovery | 200,000 |
PowerProtect Data Domain provides for in-flight data encryption as a default for new installations. Although you can disable encryption, Dell Technologies strongly recommends leaving it enabled. If encryption is enabled later, the cleaning cycle is CPU-intensive and may be lengthy.
Encryption for replication is also enabled by default, but may be disabled.
For more information about encryption, see the latest Dell PowerProtect Data Manager Administrator and Security Configuration Guides on the Dell Technologies Support website.
Through integration with vSphere vCenter, PowerProtect Data Manager manages, protects, and recovers VMs. PowerProtect Data Manager automates data retention SLA compliance by ensuring that the correct number of backup copies are stored in the correct location and at the required protection level.
To be able to protect VMs, the first step is to add vSphere vCenter to the PowerProtect Data Manager UI. The system discovers the vCenter and installs the PowerProtect Data Manager plug-in for vSphere. After vCenter is discovered, deploy the external Protection Engine in vCenter as a best practice. The Protection Engine enables you to perform VM snapshot backups and move the backup data to the target Data Domain.
HotAdd is a VMware feature where devices can be added “hot” while a VM is running. The Protection Engine takes a snapshot and creates a linked clone of the production VM. It then attaches and reads the linked clone’s VMDKs for backup. For more information, see the VMware document HotAdd Transport.
The Protection Engine also supports Change Block Tracking (CBT). CBT allows PowerProtect Data Manager to determine the changes (or deltas) that have occurred since the previous backup. At the next incremental backup, the deltas are transferred to Data Domain through the Protection Engine.
During the first full backup of a VM, the Protection Engine reads the entire content of all VMDKs and uses DD Boost, which uses global deduplication, to transfer the data to Data Domain. The next backup reads only the changes that have occurred since the previous backup and overlays them on a copy of that backup to create a new full backup, while transferring only the incremental changes.
PowerProtect Data Manager supports image-level backup and recovery of VMs on both VMFS and VMware vVols datastores when integrated with a 3 Tier platform.
For more information about support for vVols datastores with PowerProtect Data Manager, see the Dell PowerProtect Data Manager Administration and User Guide on the Dell Technologies Support website.
When using PowerProtect Data Manager with the external VM Direct Engine:
Note: Do not use HotAdd mode with IDE virtual disks. When performing backups of IDE virtual disks, use NBD mode.
PowerProtect Data Domain systems provide a data protection backup storage target for Power Protect Data Manager on 3-Tier platforms. PowerProtect Data Domain supports deduplication of backup data before writing it to storage, thus minimizing storage requirements by storing only unique data.
Dell Technologies recommends using the following PowerProtect Data Domain models for the 3 Tier Platform:
The following PowerProtect Data Domain configurations are recommended.
Add the Network Card option of an Intel X710 Dual Port 10GbE SFP+ PCIe Full Height Adapter
You can configure these models in any way, including for HA, following these recommendations:
Note: Although you can select other Input Output Cards, doing so may affect the overall configuration and limit expandability.
DD 9900 configuration
Configure this model in any way, including for high availability, following these recommendations.
Note: Although you can select other Input Output Cards, doing so may affect the overall configuration and limit expandability.
Data Domain Boost (DD Boost) extends the optimization capabilities of Data Domain solutions. DD Boost also simplifies disaster recovery procedures and increases performance by distributing parts of the deduplication process to the backup server or application clients providing faster and more efficient backup and recovery.
For more information about DD Boost, see the following documents on the Dell Technologies Support website:
Replication is performed for disaster recovery and multi-site backup and archive consolidation. Data Domain replication provides automated, policy based, network-efficient, encrypted replication, replicating compressed, deduplicated data over a wide area network asynchronously. Data Domain replication requires a minimum of two Data Domain systems, both of which require replication licensing.
Data Domain supports the following replication topologies:
For additional information, see the latest Data Domain DDOS Administration Guide.
The Data Domain Metadata on Flash feature creates caches for the Data Domain file system metadata. The caches are created on solid-state drives (SSD) and accelerate access to metadata and backup data through low latency and high IOPS. This feature improves performance for both traditional and random workloads.
The DD9900 model includes a mandatory 2 RU SSD storage shelf, called the FS25 SSD Shelf, which counts towards the total number of shelves connected to the Data Domain system. This shelf supports 10 SSD drives.
The DD9400 controller contains five SSDs in the front facing 2.5" bays for support of the Metadata on Flash feature. The DD6900 controller contains two SSDs in the front facing 2.5" bays for support of the Metadata on Flash feature.
Table 89, Metadata on Flash support by DD model
DD model | Minimum number of SSD Disks | Maximum number of SSD Disks | Minimum SSD Capacity | Maximum SSD Capacity |
DD3300 | Not supported | Not supported | Not supported | Not supported |
DD6900 | 2 | 2 | 3.84 TB | 3.84 TB |
DD9400 | 5 | 5 | 19.2 TB | 19.2 TB |
DD9900 (FS25) | 10 | 10 | 38.4 TB | 38.4 TB |
Data Domain offers a high availability option which supports all current Data Domain features and functionality and integrates with all Data Domain-supported converged infrastructure systems.
Data Domain HA is supported on the following Data Domain systems:
In a Data Domain HA configuration, two identical Data Domain controllers (nodes) are configured as an Active-Standby pair. This pair allows for redundancy in the event of a system failure, such as loss of power, or system crash of the Active node.
Data Domain HA provides the following benefits:
Data Domain HA functionality is supported with IP. To ensure HA, the Active and Standby nodes must have access to the same IP networks.
For IP connectivity, the Data Domain HA system uses a floating IP address to ensure data access to the Data Domain HA system, regardless of which physical node is the Active node.
Integrated Dell Remote Access Controller (iDRAC) with Data Domain
The onboard iDRAC is configured for the purpose of system upgrades and maintenance operations.
You can also use iDRAC to change security settings, and to remotely power the system on and off. Do not use the iDRAC to change the storage configuration, system settings, or BIOS settings, as doing so will impact system functionality. Changes to these settings should only be performed by Data Domain technical support.
Note: For more information, see the Dell PowerProtect DD Management Center Installation and Administration Guide on the Dell Technologies Support website.