Skip to content

Latest commit

 

History

History
136 lines (124 loc) · 5.62 KB

4.3. Storage - Azure Backup.md

File metadata and controls

136 lines (124 loc) · 5.62 KB
Raw

Azure Backup

  • Backs up to Recovery Services Vault
  • Online storage entity in Azure used to hold data such as backup copies, recovery points and backup policies.
  • Storage account is automatically created an configured
    • Comes with LRS and GRS storage account
      • Configure in Vault → Backup Infrastructure → Backup Configuration
  • All backups are listed and globally controlled in Backup Jobs
    • You can monitor status and get reports
    • You can filter the jobs
  • Backup policy
    • Settings
      • Policy type
        • Azure VM
        • Azure File Share
        • SQL Server in Azure VM
      • Backup frequency
      • Retention range: daily, weekly, monthly, yearly
  • You can set inbuilt RBAC roles to vault
    • Backup Operator
      • Manage backups but cannot remove backup, create vault, give any roles.
    • Others e.g. • Backup Reader • Monitoring Reader
  • Backup Alerts
    • Vault → Backup Alerts → Configure notifications → Enable e-mail notifications → Choose severities (critical, warning, information) → Select notification (per alert or hourly digest)
  • Enable MFA
    • Properties → Security settings → Enable
    • ❗ Cannot be disabled when enabled once.
  • You generate Security PIN for critical options and Azure Backup will prompt for the pin (Properties → Security settings)
  • When creating a VM back-up you can enable back-ups and choose a vault and policy.
    • ❗ VM must be in same location as recovery vault
  • To delete a vault, ensure all backups are stopped, delete backup agents/servers
  • Azure Backup Reports
    • On portal: Vault → Backup Reports → Diagnostic Settings → Turn on diagnostics
    • You can save reports in you can archive reports in storage accounts, stream to event hubs, send to Log Analytics
    • After you configure a storage account for reports by using a Recovery Services vault, you can connect Azure Backup from Power BI and get a dashboard.

Benefits

  • Automatic storage management
  • Unlimited scaling
  • Application-consistent backup
    • Each and every recovery point it has information for what it needs to go back to recovery point
  • Data encryption both in-rest and and in-transit
  • Unlimited data transfer
  • Long-term retention without any time limit

Pricing

  • Pay as you go storage model
  • You pay per Protected Instance
    • Protected instance is an application server/workload or computer that's been configured to back up to Microsoft Azure

Components

Microsoft Azure IaaS VM Backup

  • Features
    • Policy-driven backup and retention
      • Scheduled and on-demand backups, multiple recovery points
      • You can hwoever use to backup directly with Backup Now
    • Application-consistent backup
      • No impact on production environment and no shutdown of VMs
    • Fabric level backup
      • Multiple backups, centralized management, detailed tracking
  • ❗ New VM created by backup won't have backup policy associated with it.
  • Restoring and file-recovery manually
    • Go to back-up blade for VM.
      • Two alternatives:
        1. Back-up items → Select backup → Restore VM → Select snapshot
        2. VM → Back-up
    • Different alternatives:
      1. Restore VM
        • Two alternatives:
          1. Create new VM
          2. Restore disks
      2. File recovery
        1. Select recovery point
        2. Download script and execute on VM
          • Mounts disks from the selected recovery point
          • 💡 If files are larger than 100 GB, restore whole VM instead
        3. Unmount disks after recovery

Microsoft Azure Backup MARS Agent

  • Called also Recovery Services Agent
  • For backing up on-premises computers to Azure
    • Install back-up agent on local machine
    • Need connectivity to Microsoft Azure
  • Same configuration and control
    • Centralized management of all on-premises back-ups
  • Secure backup and recovery
    • Protected Instance is registered with Azure
  • Flow
    1. In recovery services in portal
      1. Back-up
        • Where is your workload running: On-premises
        • What do you want to back-up:
          • • Files and folders • Hyper-V • VMware • Microsoft SQL Server • Sharepoint • Exchange • System State • Bare Metal Recovery
      2. Backup files and folders and system state
      3. Download Recovery Services Agent from link provided
      4. Download credentials to enter in the workstation
      5. Transfer credentials & agents to the workstation
    2. Install the Azure backup client
      • Select a password for encryption
    3. Setup the backup
      • Click on Schedule Backup in agent
      • Select files/folders
      • Specify retention settings and policy
    4. Backup and restore file
      • Click on Backup Now in agent
      • Click on Recover Now in agent

Microsoft Azure Backup Server

  • Centralized installation
    • Can be installed on a server in Azure or on-premises
  • Free
  • Similar functionality as Data Protection Manager (DPM)
  • Backup a variety of instances
    • Workloads, VMWare and Hyper-V VMs, hosts, files, application workloads and barebone backups
  • Flow
    1. Create Backup in Site Recovery Service
      • Go to Vault → Backup
      • Get link for Azure Backup Server
    2. Install Azure Backup Server
      • Installs SQL server
    3. Configure Azure Backup Server
      1. Select management
      2. Protection Servers → Register a server
      3. Disk Servers → Add a disk for configuration files
      4. Create protection group
        • Add servers, workstations and workloads to the group
        • Can back-up to online and/or locally
      5. Enable disk for backup data
    4. Recover with Azure Backup Server
      • Select server → Click on Recover Now