{{ $t('productDocDetail.updateTime') }}: 2026-01-05

Description

By using the OpenAPI and disk data provided by Sangfor SCP and Sangfor HCI to access Sangfor Virtual Disk Development Kit (SFVDDK), third-party backup applications can configure VMs on SCP and their disks and manipulate disk data to enable agentless VM backups and recovery, without installing plugins on SCP or VMs.

SFVDDK is a development kit consisting of SDKs and APIs written in the C programming language for accessing virtual disk files on SCP. Its APIs cover basic operations such as opening, closing, reading, and writing to virtual disk files. SFVDDK accesses virtual disk data of VMs in LAN through Network Block Device (NBD) or NBDSSL protocols. The NBD protocol uses the storage on the remote host as a block device, and the NBDSSL protocol uses SSL to encrypt all the data transmitted through TCP with a high level of security.

SCP provides management of basic compute, network, and storage resources, including snapshots, backups, and other resources relevant to agentless backups, so that third-party users can standardize the management and operation and maintenance of SCP through existing APIs. The APIs are all Representational State Transfer (REST) APIs that can be called by HTTPS requests.

Prerequisites

1. Only SCP 6.10.0 and higher and HCI 6.10.0 and higher support this feature.
2. The third-party backup application version supports being connected to SCP or HCI.

Precautions

1. Agentless backup tasks have a lower priority than disaster recovery backup tasks and scheduled backup tasks of SCP and HCI. When there is an ongoing task with a higher priority, the agentless backup will be unavailable.
2. It is not supported to back up storage mounted on VMs, such as iSCSI, and NAS storage.
3. It is not supported to back up physical disks (including shared disks of Oracle RAC), or USB disks of VMs.
4. This feature is not supported for VMs that have internal disk based snapshots.
5. It is not supported to backup component-based VMs, VM templates, NFV VMs, placeholder VMs, and VMs with Turbo mode enabled.
6. Up to 2 backup and recovery tasks can be concurrently executed per node, and up to 16 disks can be concurrently backed up and recovered per node. A datastore concurrently backs up and recovers 10 disks by default, and you can adjust it with Max Tasks per Datastore to meet the backup needs. Please configure the backup policy during off-peak hours.
7. It is recommended to manage agentless backups by a dedicated account with the necessary permissions. It is not recommended to use a super administrator account for security reasons.

Steps

46. Go to System > Port Management, select Agentless backup data transfer service, enter the admin password, and click OK.

47. Go to Reliability > Scheduled Backup/CDP > Settings to configure the backup data transmission interface of HCI to limit the use of HCI resources by third-party backup systems to which the agentless backup feature is connected.

• Interface for Backup Data Transfer in LAN: Used for backup data transfer between a third-party backup system and the HCI node. The management interface is used by default. You can also select an idle interface or reuse other interfaces. The network connection between the backup data transfer interface and the third-party backup system must be normal; otherwise, backup tasks will fail.

• Merging Speed for External Snapshot Deletion: Used to configure a maximum merging speed for external snapshot deletion to reduce the impact of data merging on the VM services. The default value is recommended.

• Transmission Speed per Node: Used to configure a maximum network bandwidth for agentless backups. Other interfaces (such as the management interface) of HCI nodes can be reused as the backup data transfer interface. If the maximum transmission speed is not specified, the backup transfer may consume too many network resources, affecting the network performance of other services.

• Data Transfer Speed per Backup Task: Used to configure the maximum network bandwidth for agentless backups to read disks through SFVDDK, and here limits the data transfer speed for a single backup task. The default value is recommended.

• Max Tasks per Datastore: Used to configure the number of disks that can be concurrently backed up on a single datastore, and here limits the storage IO usage by agentless backups to reduce the impact of third-party backup applications on other services. You can configure this item as needed.

 

When deploying the network, make sure that the third-party backup application can access HCI to connect to OpenAPI, and that the third-party backup application is connected to the backup data transmission interface of the HCI node for SFVDDK to access the VM disk data.

Prerequisites for Network Deployment

1. The third-party backup platform is connected to the management networks of SCP and HCI at layer 3.
2. The third-party backup platform is connected to the backup data transmission network of HCI at layer 3 without going through a NAT device.
3. If the third-party backup platform is not connected to the backup data transmission network, go to Nodes > Physical Interfaces > Advanced > Other > Static Route > Add New Static Route to configure a next-hop IP address for HCI.

Steps for Account Creation

48. Go to System > Administrators and Permissions > Permissions > New to create permissions for agentless backup, select at least the following permissions and click OK.

• Configure VM and Use virtual machine of Compute to perform operations on VMs using the agentless backup account.

• Edit network topology of Networking to connect VMs to virtual network devices such as switches using the agentless backup account.

• Manage datastore of Storage to add and delete datastores using the agentless backup account.

• Access disks of Disk to mount disks for VMs using the agentless backup account.

49. Go to Administrator > Add New Account, select System Admin for Role, and complete the basic information.

50. Click Settings of Resource Permissions & Quota to configure resource permissions. Click the Physical Resources tab, select the needed storage, and modify their Permissions to the permissions added above.

51. Click the Virtual Resources tab, select the needed VMs, and modify their Permissions to the permissions added above.

52. Click the Resource Quota tab, configure the CPU, memory, and storage quotas for the agentless backup account, and click OK to create the account. If the quota is too low, VMs may be unable to be created.

53. Use the account created above to back up and recover VMs by following the third-party platform’s instructions.