Most virtual desktop infrastructure vendors claim that their VDI products simplify the backup process, but IT administrators
are finding that backing up and protecting data stored on virtualized desktops is not easy.
The challenge lies in how VDI is deployed and used. Ideally, administrators would just need to back up a stateless VDI desktop image and then back up the roaming profiles that contain user settings and data. But that methodology works only for recovering a virtual desktop to an originally deployed state; usually, any changes made to the virtual desktop or profile will be lost. Agent-based backups, local backups and synchronization are ways to deal with this situation.
The backup conundrum only becomes more complex if personalized virtual desktops are used in the enterprise and if virtual desktops can be run in an unconnected state. Users can create local data files, install applications and modify user settings as well as change operating system preferences. If that information is not backed up, users could lose data if their virtual desktops become corrupt or are lost.
IT administrators must ask, "Should virtual desktops be regularly backed up?" and, "What technology should be used to back up those virtual desktops?"
The answers depend on whether corporate IT policy requires desktop PCs to be backed up. If a desktop PC becomes corrupt or experiences a failure, then most IT departments will only restore that PC to the original deployed image. But if the organization has a policy of protecting endpoints (PCs, notebooks, etc.) -- both connected and disconnected -- all of the complexities of backing up users' desktops are introduced into the virtual desktop infrastructure (VDI) equation.
There are multiple ways to protect VDI desktops, but all require deployment planning, policy modifications and integration.
For some IT departments, the traditional method of deploying a desktop agent for backup may work, but a VDI deployment adds several complications.
For example, for a backup agent to launch and actually back up a system, the system must be turned on and connected to the network. Also, if the IT department is backing up all PCs -- virtual and physical -- those backups will need large amounts of storage space. That storage requirement can triple once VDI is introduced: IT departments will need space for the active PC's virtual image, the original (deployment-state) virtual PC image and the backed-up virtual PC image.
Another issue is that agent-based backup can dramatically increase network bandwidth utilization, significantly affecting operational performance. However, with some compromises, agent-based backups can work reasonably well in a VDI environment. The trick is to limit what is backed up. For example, most administrators can still offer a decent level of protection by backing up certain local directories and files stored on either the physical or virtual hard drive, such as the "my documents" folder.
In addition, the agent can back up the desktop personality, preserving bookmarks, settings and other user modifications. This approach significantly reduces the size of the backup, saving bandwidth and space needed.
There are downsides to the selective backup approach including some files may be missed during a backup, and a restore becomes a little more complicated. The best scenario for agent-based backups is when the IT department has already invested in agent-based backup software and is allowing the virtual desktop to be run from the local PC and not a server.
Another method for protecting a personalized VDI desktop is to shift the backup burden to the end user, which usually means installing backup software on the local PC and providing removable storage with enough capacity to house several backups.
However, a local backup requires the end user to participate in the backup process, so the IT department must rely on the end user to perform IT-related duties. Also, if an end user is careless with removable storage, proprietary information can fall into the wrong hands. In addition, local backups are the most expensive to deploy because each user needs additional storage to safeguard his backups.
But for organizations with only a few personalized VDI desktops, local backup technology may be an ideal stopgap for protecting user information.
While it may not be considered a true backup method, synchronization can protect personalized VDI desktops.
Synchronization can be deployed in two ways:
- By using synchronization client software to keep synchronized copies of user directories and setting files on the network. In this way, whenever a user creates or changes a file or setting on his virtual desktop, that change is replicated to a remote location. Furthermore, synchronization events can be cached, allowing disconnected users running local virtual PCs to synchronize their data files as soon as they reconnect to the network. For the most part, synchronization can be automated, requiring no end-user intervention.
- With a remote image stored on the network. The initial synchronization will consume significant bandwidth and take some time, but it will get easier after that because only subsequent changes need to be incorporated, making synchronization a speedy alternative to traditional backup technology.
There are dozens -- if not even hundreds -- of products related to backup or synchronization. Selecting which product to use requires defining how the VDI will be deployed and managed. For sites that run all virtual desktops on a server-class system in the data center, backup does become much easier. Usually, the backup system will take care of the virtual hard drives stored on physical storage in the data center. But if an organization switches to a VDI deployment that uses a hybrid setup, with some virtual PCs running in the data center and others running remotely, or with some personalized virtual PCs running remotely, backup can become a serious problem.
ABOUT THE AUTHOR:
Frank Ohlhorst is an IT journalist who has also served as a network administrator and applications programmer before forming his own computer consulting firm.