Veeam Backup and Replication hardware

Because of the lack of characters in twitter, I thought I would share my setup via my blog and ask for recommendations on configuration.  Specifically the recommended RAID configuration for the best backup time.

Source:

  • VMware Essentials Plus, three ESXi 4.1 hosts
  • Identical Hosts:  Dell R710, Dual Intel Xeon E5530 2.4 GHz (dual quad core processors), 32GB of RAM
  • EqualLogic PS5000e iSCSI SAN.  16x 1TB SATA II 7200RPM hard drives in a RAID 50 with 10.47 TB usable
  • 23 Virtual Machines
  • Approx 7TB file server storage in use

Destination (Veeam Backup Server)

  • Physical Server: PowerEdge 2950, Dual Intel Xeon 5050 3.0 GHz, 4GB of RAM
  • Direct Attached Storage:  MD1000, 15x 2TB Western Digital RE4 Enterprise/RAID SATA II 7200RPM hard drives

So, basically a few questions:

  1. What RAID for best performance?  My research tells me RAID 10 has best performance.  However, I’d like to hear the recommended RAID setup for Veeam B&R.  Could be that RAID 50 is recommended and RAID 10 would be overkill given the way Veeam backs up?  I’m not sure.  I need a reasonable backup window. 
  2. Is the RAM okay, or need to upgrade?  This server was previously a file server, so 4GB was more than sufficient.
  3. Currently the Veeam server is 2003.  I’m thinking 2008 since we are starting from scratch.  Any things to look for there?
  4. What’s the recommended backup schedule?  Backup all at once?  Split up based on host/lun?  Limit backup to a specific number of VMs at once?

Thanks for your help.  I could figure out by trail and error, but would rather not recreate the wheel.  What works for you, and what is best practice?

Thanks!!!

2010 Projects

2010 has been a very busy year for IT at Savannah Christian Church, and we aren’t slowing down now! Be on the look out for detailed blog posts over the next few weeks of some of the projects we have rolled out this year, and others still in planning for a 2010/2011 roll out.

Topics include:

* Firewall upgrade – Cisco PIX to ASA
* Moved from 3 bonded T’s to Metro E 10MB up/down.
* Televantage VoIP rolled out
* VMware vSphere Essentials Plus rolled out – 3 host high availability setup.
* EqualLogic 4.0 to 4.3 firmware upgraded.
* Upgraded Domain Controllers to 2008 and moved functional levels to 2008
* Implemented Windows 2008 DFS Naming and Replication for a single network share across all campuses (Naming), and backup (Replication) data back to the main campus.
* Began rolling out Windows 7.
* East Campus new facilities, extended SCC network via site-to-site VPN.
* Effingham Campus launch and new facilities, extend SCC network via site-to-site VPN.
* Rolled out regional campus check-in systems using Wyse Thin Clients and Windows 2008 RD Published App.
* Upgraded to Backup Exec 2010, and planning the deduplucation piece.
* EMS to HVAC integration. Automatic HVAC controlls when a room is reserved via EMS.
* Windows 2008 Remote Desktop Web Access (SSL) and Remote Desktop Gateway implementation. This is replacing public/private NAT RDP access with an SSL secured web access.
* Three server Terminal Server (RD) Farm for load balancing and HA.
* Blackberry 4 – 5 planning.
* Exchange 2007 – 2010 planning.
* Centrally mannaged wireless (WLAN) solution planning.

And more!

I hope to get back on track with blogging about what we are doing here at SCC. Many things I have rolled out have come specifically from CITRT. This blog is my chance to give back to other CITRT and IT Professionals looking for ideas, or troublehooting problems! :0)

Next Level Leadership Conference

Today was the final day of the Next Level Leadership Conference here at Savannah Christian Church… and what a great conference it was. Every year, church leaders across America and around the world come to SCC to network together, and seek out how to take their church to the “Next Level”. We are blessed to be able to give back by teaching what we have learned after many years of conferences ourselves as we have grown over the years, and continue to grow daily.

On the IT side, we not only make sure that our internal infrastructure is performing optimally, but we also offer wireless internet and Internet Kiosks for our guest to use.

For the wireless internet (guest network), we use a device called a Guest Gate, which is a very affordable hardware appliance that separates our guest network from our private network. By adding switches and wireless access points behind the Guest Gate, we are able to create a guest network that is totally isolated from our internal, private network. It works very well! This year, we used an Apple Airport Extreme base station as a central wireless access router for our public network. We also used two Apple Airport Express access points to extend/boost the signal in areas where the signal had gotten weak. The Airport Express access points are actually able to “extend a network”, rather than creating a new network, which is very nice! Doing this, we were able to cover most of the building for Public Wifi.

For our “Internet Kiosks”, we used 4 of our 16 check-in stations. Our check-in stations are non-domain joined, Windows 7 machines with Microsoft Steady State installed. We use Windows 2008 Terminal Server Published App/Remote App to push ACS Check-point to the computer. So, moving these machines to our guest network was simple. We added a “nextlevel” local account without a password, locked the account down with Windows Steady State, disable the ACS local account that we use for the weekends, and move the computers network lines to the guest network in the datacenter. The result, a quick-to-deploy internet kiosk that is completely locked down and isolated from our network. In addition to the security of the computer, we also implemented OpenDNS.com this year for our guest network. Doing this, we were able to protect our guests from certain areas of the internet using OpenDNS’s filters, as well as preserving the bandwidth by blocking access to file sharing, audio & video streaming, etc.

This morning, we had a Q&A-Information Technology session where we were able to take an hour and sit down with guests to talk about IT in their churches. It went really well. A special thanks to Ernesto, Winston and Scott for doing an excellent job assisting in facilitating this session.

Here are a few pictures from Main sessions of the conference, and the Internet Kiosks:

Command Center :0)
Monitoring the SCC Private & Guest Networks

Normally Check-in Stations being used as Internet Kiosks for the Conference.

Shots of the Praise Services that kicked off the Conference on Wednesday night, and main sessions of the conference on Thursday and Friday.

NIC Teaming with VMware vSphere & HP Procurve Switches

I researched how to configure NIC Teaming for load balancing and failover for VMware vSphere 4 and HP Procurve Switches.  I won’t go into great detail, but here are the steps. 

NIC Teaming with VMware vSphere and HP Procurve switches.

Summary…

HP Switch

  • Set ports on HP switch for trunking
  • Add new trunk to data vlan

 VMware vSphere

  • Add networking (new virtual switch) and configure NIC Teaming

 

Steps… 

HP Switch – Set ports on HP Switch for Static Trunk

  • Telnet into the hp switch where you want to configure Static Trunk:

Telnet <ip-address>

  • Enter password
  • Select switch (assuming stacking with a central commander)
  • Enter Password (assuming stacking)
  • Type Menu
  • Select Option 2 Switch Configuration
  • Select Option 2 Port/Trunk Settings
  • Select Edit and scroll down to desired ports
  • On Desired ports:
  • Set Group to a new “trk#”
  • Set  Type to Trunk
  • Enter and Save
  • Press 0 to return to main menu

 

Add new trunk to data vlan 20

  • Press 5 for Command Line Interface (CLI)
  • Type show vlan 1
    notice the new trunk is listed in vlan 1 (the management vlan)
  • Type config
  • Type vlan # (where # is the number of your data vlan)
  • Type untag trk# vlan #   (where # is the number)
  • Type show vlan #
  •  Notice you’ll now see your “trk#” listed in the data vlan

 

VMware vSphere – Add networking (new virtual switch)

  • Log into vCenter then the ESX(i) machine (or direct to ESXi machine)
  • With the ESXi machine selected, click Configure
  • Click Networking
  • Click Add Networking
  • Verify Virtual Machine is selected, click Next
  • Select desired network adapters and click next
  • Give the Virtual machine network a name under “Network Label”
  • Click Finish
  • Look for the new vSwitch, click Properties
  • Select the VM Network Port Group and click Edit
  • Select the NIC Teaming tab
  • Select Load Balancing and “Route based on IP Hash”
  • Click OK to close

You now have your ESXi 4 host configured for NIC teaming for increased bandwidth (load balancing) and failover.

Volume Licensing with Windows Vista, 7, Server 2008…

In moving to Windows 7, I ran into the question of volume licensing, KMS or MAK?  This video helped!

http://technet.microsoft.com/en-us/dd936198.aspx

Basically, for KMS, you have to have a minimum of 25 machines that access the KMS service per month of Windows 7 (5 servers for Server 2008).  The KMS services is a service that you install on your local network (similar to the DNS “service”, DHCP “service”, etc).  If you are trying to activate less than 25 (as we are) via volume license, you’ll want to use MAK license keys, which uses MS hosted activation servers.

Windows 2008 Terminal Server Published App with ACS.

Over the past few months we have been testing Windows 2008 Terminal Server Published Apps and I am very impressed.  With Published App, we are able to push a program to the users desktop via Terminal Server, without having to push the whole remote desktop.  We are able to just push the program.  And it works GREAT!

How are we using it?  Our Church Management System is ACS (Automated Church Systems, www.acstechnologies.com).  Our database resides on a local server.  Then, there is a client that accesses the database server.  This works great over a 100+ MB connection, but not so well over wireless, and impossible via VPN.  This is where Windows 2008 Terminal Server Published App comes into play.  We were able to install a Windows 2008 Server, install Terminal Server with Published Application support, install ACS and then publish the program.  It’s that easy.  What’s great is that it can run on the LAN, WAN, Wireless, you name it.  And, the user wouldn’t know that the program isn’t installed on their computer. 

Another great benefit is that when we perform an update to ACS, we only have to do it once on the Terminal Server and anyone that uses ACS via published app will automatically be updated. 

We will be using Windows 2008 Published App for our Check-in Stations, as well as for our Regional Campuses (WAN) where it would be impossible to push ACS and Televantage through the VPN.  If you haven’t installed an played with Windows 2008 Terminal Server and Published Apps, I highly recommend you doing so.  You won’t be dissappointed.

Next Level Leadership Conference

Next Level Leadership Conference: Feb 3-5, 2010

The Next Level Leadership Conference is distinctly different from most. It’s designed especially for leaders of churches who want close interaction with pastors who’ve navigated from one level of ministry to the next, time and again.

Savannah Christian Church has grown from a few hundred to 6,000 worshipers in the last decade. Along the way, we’ve discovered that when you figure out how to do ministry at one level, you have to make changes for the next. And fast.

For six years, we’ve been helping churches like yours get inspired and get ready for what’s next. We’ve traveled the road you’re traveling. We’ve had success and experienced God’s blessings on our ministry. We’ve also made mistakes.

At this conference, we open our church for a behind-the-scenes peek at how we do ministry and honest talk about your next moves. You’ll leave inspired and equipped to take your ministry to the next level.

www.sccnextlevel.com