Considerations and Limitations
Before you restore VM guest OS files, check the following considerations and limitations.
Infrastructure Components
- Check the supported file systems. For details, see the File-Level Restore section of Supported Platforms and Applications.
- [For source and target VM] Veeam Backup & Replication uses the ICMP ping command to define whether a VM is available over network. If the VM must be available over the network, check that ICMP protocol is enabled on the VM.
- Veeam Backup & Replication must have access over the network to the guest OS of the target VM or direct access to the vCenter or ESXi host where the target VM resides to deploy a coordination process. The coordination process performs a number of administrative actions on the target VM guest OS, for example, collects information about mount points.
- The mount server, helper host and helper appliance, must have access over the network to a VM whose files you restore or direct access to vCenter or ESXi host where the VM resides. If a connection over the network cannot be established, the mount server connects to the VM over VIX API/vSphere Web Services. In this case, you must use a root account for the target VM and check that /tmp directory on the target VM is mounted with the exec option. Otherwise the restore process will fail.
If you use the FQDN of the ESXi host in the helper appliance configuration window, the helper appliance must be able to resolve the FQDN of the ESXi host.
If your DHCP does not provide the DNS configuration, assign the DNS server address manually using the [HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication\DnsServersList]registry value. This value accepts data of the REG_SZ type, for example, 10.11.12.13. If you want to specify multiple addresses, separate them using a semicolon. After you specify the registry value, restart the restore process.
- You can restore from Novell Storage Services (NSS) file system if you use FUSE or a helper appliance. When using FUSE, the helper host must differ from the backed-up VM. When using the helper appliance, you can perform restore only in the IPv4 environment.
Helper Host
If you mount disks to a helper host, consider the following:
- Check the supported OSes listed in System Requirements.
- The backup server and the mount server, associated with the repository where the backup is stored, must be able to resolve the FQDN of the helper host.
- You can restore from ZFS using the helper host option if the zfsutils-linux package is installed on the specified helper host. The package zfs-fuse package is not supported.
- The helper host OS kernel must support the file system that you plan to mount on this host. Otherwise, the mount will be refused and in rare cases it may cause kernel panic.
- Make sure that the /tmp directory is mounted with the exec option. Otherwise, you will get an error with the permission denial.
- For the helper host option, mounting of LVM snapshots is not supported. Thus, LVM snapshots are skipped from processing.
- [For backups created by Veeam Agent for Linux] The original machine cannot be used as the helper host for the 32-bit versions of the Linux-based OSes. However, for VM backups, you can still use the original VM as the helper host for the 32-bit versions of the Linux-based OSes.
- Restore from a Btrfs disk using the original host as the helper host is not possible. The issue occurs due to restriction of mounting two Btrfs disks with identical IDs to the same machine. To avoid this issue, use the helper appliance option or a different Linux-based server that supports Btrfs. However, note that Btrfs disks can be restored for backups created by Veeam Agent for Linux. During the backup process, Veeam Agent for Linux changes disk IDs in the backup file.
- Restore from a ZFS pool using the original host as the helper host is not possible. The issue occurs due to restriction of mounting two ZFS pools with identical UUIDs to the same machine. To avoid this issue, use the helper appliance option or a different Linux-based server that supports ZFS pools.
- Hardened repositories cannot be selected as helper hosts.
Source for Data Recovery
- You can restore VM guest OS files from a backup, VM replica, Cloud Director replica or CDP replica that has at least one successfully created restore point.
- You can restore files whose names are written in all locales in the UTF-8 encoding. If the encoding is other than UTF-8, you can restore only files whose names are written in the English locale.
- The multi-OS guest OS file restore wizard does not support restore of deduplicated volumes (for example, Microsoft Windows volumes with data deduplication enabled).
- You cannot restore files from a backup created in the reverse incremental mode if the backup job is being performed. If the backup is created in the incremental backup mode and the backup job is being performed, you can restore files from any available restore point.
- You cannot restore guest OS files from a running VM replica or if the replication job with the necessary VM is being performed. However, restore is possible for CDP replicas if the CDP policy is running.
- [For backups of BSD, macOS and Solaris VMs] You cannot restore files directly to the original location. Use the Copy to option instead.
- [For backups of Linux workloads] You can restore files from basic disks, Linux LVM (Logical Volume Manager) and ZFS pools. Encrypted, RAID1 and mirrored LVM volumes are not supported.
- [For backups of Linux workloads] RAID mounts and restores are not supported.
- [If you restore from backups with guest file system indexing disabled] To properly show the file system tree in the Veeam Backup browser, check that the /etc/fstab file lists disk UUIDs or labels. Disks listed using device names are shown outside the file system tree as separate disks.
CDP Replicas
- You can launch restore for a CDP replica if its CDP policy is currently running. CDP will continue working.
- During restore, the CDP policy does not create new long-term restore points and does not delete the existing ones. Short-term restore points are still created.
- You cannot launch guest OS file restore, SureReplica, application item restore and failover in parallel for one VM or replica.
Target for Data Recovery
- If you plan to restore VM guest OS files to their original location or to another VMware vSphere VM, VMware Tools or OpenVM Tools must be installed and running on the target VM.
- The following applies if guest processing components are not installed on the target VM:
- Make sure that the /tmp directory on the target VM is mounted with the exec option. Otherwise, you will get an error with the permission denial.
- If you restore files using the account for which only the Elevate account privileges automatically check box is selected, the /home/<username> directory also must be mounted with the exec option.
- [For restore to a new location] You can restore items only to Linux-based VMs. BSD, macOS and Solaris VMs are not supported.
- [For restore to a new location] If you want to restore files over network, make sure that the SSH daemon is configured and SCP utility is available on the target VM.
- [For restore to a new location] Veeam Backup & Replication can restore ACL for recovered VM guest OS files. To let Veeam Backup & Replication detect the target Linux system architecture and kernel version, the following utilities must be present in the minimal configuration of the system: arch and uname.
- For backups created by Veeam Agents, you can use the Restore to (restore to a new location) command only if the target computer is available over the network. This applies to backups created by Veeam Agent for Linux, Veeam Agent for IBM AIX or Veeam Agent for Oracle Solaris.
Linux Firewalls in Helper Host and Target for Data Recovery
If you want to use the helper host option or if you want to restore files to a new location on another Linux VM, consider the following.
Veeam Backup & Replication automatically opens ports used for the restore process on the helper host and on the target Linux VM. Generally, Veeam Backup & Replication automatically opens ports for most popular firewalls (iptables, ufw, firewall-cmd). However, if for some reason the ports are not opened, you can open the ports manually. You can also specify these ports at the SSH Connection step of the New Linux Server wizard. Note that ports are opened dynamically: if 10 concurrent jobs are running, Veeam Backup & Replication opens ports 2500-2509.
If you use the firewalld tool, you can configure firewall rules to open ports only in necessary zones. By default, Veeam Backup & Replication opens ports in all active firewalld zones. If your firewall is configured for different zones, and you want to minimize security holes, you can configure Veeam Backup & Replication to open the ports only for certain zones. To do this, perform the following:
- On the helper host or target Linux host, create the /etc/VeeamNetConfig file and define the following parameter:
FirewalldZones=zone_name_1, zone_name_2 |
where zone_name_1, zone_name_2 is a list of zone names where the ports must be open. Veeam Backup & Replication will skip the zones that are not in this list.
- [Only for helper host] If you select a Linux host that is already added to the Veeam Backup & Replication infrastructure, you should also add required zones to the /opt/veeam/transport/VeeamTransportConfig file.
FirewalldZones=zone_name_1, zone_name_2 |
Note |
Veeam Backup & Replication opens the port 2500 in all zones even if you have specified the required zones in configuration files. |
Storage Snapshots
Requirements for guest OS file restore from storage snapshots are listed in the Data Recovery from Storage Snapshots section in the Storage System Snapshot Integration Guide.